Turns out that the IP of a much-needed new website is blocked from inside our organization's network for reasons that will take weeks to fix. In the meantime, could we set up a reverse proxy on an Internet-based server which will forward SSL traffic and perhaps client IPs to the external site? Load will be light. No need to terminate SSL on the proxy. We may be able to poison DNS so original URL can work.
How do I learn if I need URL rewriting? Squid/apache/nginx/something else? Setup would be fastest on Win 2000, but other OSes are OK if that would help. Simple and quick are good since it's a temporary solution.
Thanks for your thoughts!
Since you need to do URL rewrite, you can use ARR (Application Request Routing) with IIS 7 (or higher).There is an option to disable "SSL offloading" if you do not wish to terminate SSL on proxy end.
http://www.iis.net/learn/extensions/configuring-application-request-routing-(arr)/http-load-balancing-using-application-request-routing
To ensure that Client IPs are carried over, you can install ARRHelper as per http://blogs.iis.net/anilr/archive/2009/03/03/client-ip-not-logged-on-content-server-when-using-arr.aspx. I assume your web site is running IIS.
Alternatively, for something quick and dirty on Windows, use netsh portproxy to proxy all TCP 443 (SSL) traffic over.
See http://technet.microsoft.com/en-us/library/cc731068(v=ws.10).aspx#BKMK_1
Make sure IIS is not installed, and take note that client IP is not carried over.
Easiest reverse proxy solution for you will probably be IIS 7 with Application Request Routing. It's a very quick install so even if it's not what you're looking for, at least you can give it a shot without spending a whole lot of time.
http://learn.iis.net/page.aspx/489/using-the-application-request-routing-module/
http://www.hanselman.com/blog/NewModulesForIIS7ApplicationRequestRoutingProxyAndLoadBalancingModule.aspx
I use Squid on Window 2003 from http://squid.acmeconsulting.it/ It works very well for as a normal web proxy.
If you think Squid might work, they also have an SSL binary of Squid 2.7 (stable-8) that is "for reverse proxy only - EXPERIMENTAL"
Even though your question is already 9 years old there might be other people having the same problem.
You can just use Tor Browser(Wikipedia Article). If it can get through the Great Firewall of China, it can also make any needed site available in a organization's network.
I know this is not an explanation how to set up a proxy server but the question was how to do it simple and quick. And it is:
Download Tor Browser --> Start Tor Browser --> Maybe configure bridges --> Click Connect --> Surf an anonymous web without censorship, tracking and surveillance
You don't even need admin rights!
Tor Browser is secure, anonymous and FLOSS(Free / Libre Open Source Software) licensed under the GPLv3(GNU General Public License, version 3)(Wikipedia) a free, copyleft license by the FSF(Free Software Foundation).
I know this forum is about servers but the question is here and this is also a solution.