How to create reverse proxy on the NetScaler

Prerequisites

– For HTTPS reverse proxy you need a certificate. For external usage you need a certificate that is trusted bij a external CA.

– Add Feature Content Switching, Load Balancing. (I Forgot it first time… always had a 503 error code….  i was sure the policy for content switching was ok….)

DontForgetAddFeatureCSW

 

1. Make a Load Balanced Reverse Proxy.
1.1 Add a server. your real Webserver

AddServer
1.2 Add a service. Choose a monitor or create a monitor. Best monitor is a monitor that checks if some content is on the site report UP.

AddService
1.3 Add a LB virtual server. And choose for example CookieInsert for persistancy.

1.4 Add your internal Certificate(from your internal domain CA) when it is a https connection to the back-end webserver. Bit length restriction for windows is 1024 bits. I recommend to use as low as possible for internal traffic. Less encrryption/decryption = less CPU usage.

 

AddVirtualLBServerAddVirtualLBServerCookieInsert
1.5 Create a Content switching Policy.

ADDCSWPolicy

 

1.6 Create a Content Switching Virtual Server. Bind the CSW policy. Select the created LB virtual server as Target.

1.7 Add the Cert that is trusted by a public CA to the SSL Settings

ADDCSWVServer

1.8 Add  DNS entry CSWDEMO.DEMO.LOCAL 192.168.2.22

PingCSWIP

1.9 Successful!!!!

successfullCSW

 

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s