- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: (working) Nginx config for ProSAFE plus switches
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi guys, this issue has been bugging me for a while and I couldn't find an answer. Decided to share a solution with the community, so that others don't have to bang their head against the wall.
Issue: When using a reverse proxy to gain access to the switch via SSL / custom domain, I couldn't get the admin page to login. Password would be accepted (not return an error), but page would redirect back to login.
There was a secondary issue that proxy would give up waiting for a responce and some images would timeout, returning to the browser as 5xx errors.
Without further ado, here is the nginx site config that worked, replace server_name and IP with appropriate values for your needs.
limit_req_zone $server_name zone=perserver:10m rate=10r/s; server { listen 443 ssl; server_name host.*; set $ip w.x.y.z; # all ssl related config moved to ssl.conf include /config/nginx/ssl.conf; client_max_body_size 0; limit_req zone=perserver burst=20; location / { proxy_pass http://$ip; proxy_set_header Cookie "SID=$cookie_SID"; proxy_http_version 1.1; } location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ { proxy_pass http://$ip; access_log off; } }
Main issue is that the router required a proper case headers such as "Cookie", and didn't know what to do with lower case headers comming from nginx (such as "cookie"). I've also setup a burst limiting to give the router a chance to reply, given the limited resources.
This is specifically to fix issues with the GS116 series of managed switches, cookie name userd for authentication (SID in this case), may be different for your model. Share your config if you got it working on the other models.
Cheers,
Gene
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Found a better way to pass the cookies to the switch, Instead of a specific SID cookie, all of them can be passed via the following command:
proxy_set_header Cookie $http_cookie;Feel free to try this instead of: proxy_set_header Cookie "SID=$cookie_SID";
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Found a better way to pass the cookies to the switch, Instead of a specific SID cookie, all of them can be passed via the following command:
proxy_set_header Cookie $http_cookie;Feel free to try this instead of: proxy_set_header Cookie "SID=$cookie_SID";