# How to setup FreeBSD for a reverse proxy



## ansarm (Jun 15, 2012)

The following howto describes how to set up FreeBSD to use as a reverse web proxy.
This example sets up FreeBSD as a reverse proxy for Exchange 2010 Outlook Web Access and Exchange ActiveSync.

I will be using Pound: http://www.apsis.ch/pound
_The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server(s). Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively._


Environment Setup:
FreeBSD IP Address: 192.168.2.26
Exchange Server IP Address: 192.168.2.22
OWA/ActiveSync Address: mail.contoso.com

Requirements
SSL Certificate in .pem format without strong key protection
Certificate must have private/public key pair.



Step 1: Install Pound from Ports

```
#cd /user/ports/www/pound
#make install
```

Step 2: Configure pound to start automatically
edit /etc/rc.conf and add 


```
pound_enable="YES"
```

Step 3: Edit pound configuration
Edit /usr/local/etc/pound.cfg and add the follwing


```
#Pound Conifguration
#IgnoreCase, xHTTP and TimeOuts are mandatory settings specific to OWA/ActiveSync

#TimeOut must me 3600 or greater to support ActiveSync
TimeOut         3600
LogLevel        5

IgnoreCase      1

#Basic HTTP Listener forwards all requests to the OWA URL
ListenHTTP
                Address 192.168.2.26
                Port 80
                Service
                        Redirect "https://mail.contoso.com/owa/"
                End
End


#The SSL Listener responsible for OWA and ActiveSync
ListenHTTPS
                Address 192.168.2.26
                Port    443
                xHTTP   4
                Cert    "/usr/local/etc/pound/server.pem"

                #Service Provides OWA Access
                Service
                        Redirect "https://mail.contoso.com/owa/"
                End
End


#The SSL Listener responsible for OWA and ActiveSync
ListenHTTPS
                Address 192.168.2.26
                Port    443
                xHTTP   4
                Cert    "/usr/local/etc/pound/server.pem"

                #Service Provides OWA Access
                Service
                        Url     "/owa*"
                        Backend
                             Address 192.168.2.22
                                Port 80
                        End
                End

                #Service Provides ActiveSync Access
                Service
                        Url "/Microsoft-Server-ActiveSync*"
                         Backend
                                Address 192.168.2.22
                                Port 80
                        End
                End

                #Service Redirects all other URLs to the OWA page
                Service
                        Redirect "https://mail.contoso.com/owa/"
                  End
```


----------

