I have just configured a Microsoft Remote Desktop Services service on an internal Windows Server 2012 R2 server. I have access to RDP through outside the network with port forwarding. However, because I have additional web servers running on port 80/443, I can't expose RD Web Access running on IIS to directly to the internet.
I have a reverse proxy configuration with Apache for all my internal sites, so I'm trying to use the same for RD Web Access. My configuration (for both HTTP & HTTPS) is as follows
<VirtualHost *:80>
ServerName foo.example.com
ProxyPass / http://192.168.1.xxx/
ProxyPassReverse / http://192.168.1.xxx/
</VirtualHost>
This configuration seems to work but has an issue. When connecting directly to foo.example.com, I get the default IIS page, as expected. However, when accessing http://foo.example.com/RDWeb/, the URL gets changed to http://192.168.1.xxx/RDWeb, which I obviously can't access from outside of my network. I need it to stay as http://foo.example.com/RDWeb/.
I have tried adding ProxyPreserveHost On to my apache configuration, when I do that, I get an infinite redirect loop, so that doesn't work either. I'm pretty sure that this is NOT an IIS issue, because if I set my local host file to point foo.example.com to 192.168.1.xxx, it works without issue.
Is there something I'm missing in my Apache Reverse Proxy configurations?
Well, after an epiphany, I found the cause of my issues.
Turns out, I was indeed supposed to keep
ProxyPreserveHost Onto allow URL rewriting to the correct external URL. However, because my external URL had an SSL certificate, I was getting an infinite redirect loop which went like thisI fixed this my turning my
ProxyPassandProxyPassReversedirectives to proxy the HTTPS instead of HTTP internal IP. Because of this, I also had to add theSSLProxyEngine Ondirective.