caddy icon indicating copy to clipboard operation
caddy copied to clipboard
verified publisher icon caddyserver

Reverse proxy MSRPC in Caddy v2

Open whitestrake opened this issue 6 years ago • 2 comments

1. What would you like to have changed?

Implement special handling for reverse proxying MSRPC / tunneling as required for Microsoft Remote Desktop Gateway and Outlook Anywhere services.

2. Why is this feature a useful, necessary, and/or important addition to this project?

As these services don't use standard HTTP, despite communicating on HTTP(S) ports and using the same to negotiate / encrypt connections, without this addition Caddy can't reverse proxy these services effectively. People wishing to use Caddy to load balance a hybrid environment would instead need to use HAProxy, which appears to handle this natively, or Apache, which apparently handles it with a third party module (see: https://github.com/bombadil/mod_proxy_msrpc)

3. What alternatives are there, or what are you doing in the meantime to work around the lack of this feature?

HAProxy apparently handles this, and supports TLS passthrough, so one could put HAProxy in front of both Caddy and MSRPC services.

The net server type or even plain port forwarding would suffice only if the user doesn't also want to have Caddy hosting / proxying to other servers in a la vhosts.

4. Please link to any relevant issues, pull requests, or other discussions.

https://caddy.community/t/need-help-setting-up-caddy-as-reverse-proxy-for-remote-desktop-services-gateway/347 https://caddy.community/t/caddy-as-remote-desktop-gateway/4383 https://caddy.community/t/remote-desktop-gateway-via-subdomain/6145

whitestrake avatar Aug 30 '19 00:08 whitestrake

Another user who wants this:

https://caddy.community/t/exchange-auto-discover-error/10971

francislavoie avatar Dec 30 '20 16:12 francislavoie

An alternative solution could be the new (and experimental) Caddy Layer 4 App, which supports TCP proxying and TLS termination. Not sure if this fits your requirements, but might be a viable option for you.

https://github.com/mholt/caddy-l4

hslatman avatar Dec 30 '20 20:12 hslatman

I think I'll close this as inactive/not planned. It's more likely that this functionality would be provided by a plugin rather than being in the core, especially since it's very low demand.

francislavoie avatar Oct 03 '22 04:10 francislavoie

Since this issue was posted, Caddy is now way more capable and can definitely support this. And yeah, I agree, probably best to start with a plugin. Anyone is welcome to build one and share it!

mholt avatar Oct 04 '22 04:10 mholt

Did anyone build this as a plugin? I did not see one on the list of plugins where you download Caddy, but it is hard to tell with some of the naming conventions.

GenerationZip avatar Feb 27 '24 18:02 GenerationZip

Not that we know of.

francislavoie avatar Feb 27 '24 18:02 francislavoie