How do I build a https web portal to a LAN device?

DingbatCA · Guru Joined: 07 Jul 2004 Posts: 384 Location: Portland Or

I am not really sure how to build this one.

The problem.
I have a simple weather station that has a web interface on my internal network. I does not have any form of authentication. I would like to place a password protected portal/proxy in from of it so I can access if from the out side world.

Something like this:
incoming request for the internet (Port 443, https) --> router --> (https) portal/proxy/password (http) --> (http) weather station.

The only part I don't know how to build is the portal/proxypassword thing. Is that an internal proxy? I am not even sure what to look for. Ideas?

Hu · Moderator Joined: 06 Mar 2007 Posts: 21633

You want a reverse proxy, which will accept an encrypted connection, decrypt it, and forward it to the embedded device.

If you do not mind a slightly less clean solution, you could use ssh port forwarding or the ssh SOCKS proxy. Internet users would then authenticate to your sshd on the edge device. That would then allow them to forward traffic into the LAN, and ssh would handle encrypting the traffic as it traversed the Internet.

DingbatCA · Guru Joined: 07 Jul 2004 Posts: 384 Location: Portland Or

HA! I am currently using ssh tunneling to get to my embedded device. :-)

I was looking for a better solution. Any ideas on a good "reverse proxy" or should I start googling?

solamour · Posted: Mon Sep 19, 2011 6:23 am Post subject:

Perhaps you are already aware of it, but if "weather station" is running apache (or lighttpd), you can configure authentication. That way, you can do without portal/proxy/password.

http://httpd.apache.org/docs/2.0/howto/auth.html
__
sol