<div dir="ltr">Hi Francis, Thanks for the reply.<br><br>My file is like this.<br><br>upstream webgateway {<br> server <a href="http://192.168.239.151:9090">192.168.239.151:9090</a>;<br> server <a href="http://192.168.239.152:9090">192.168.239.152:9090</a>;<br> keepalive 10;<br>}<br><br>server {<br> listen 9191;<br> server_name proxy.lab.local;<br><br> location / {<br><br> proxy_set_header Host $host;<br> proxy_set_header X-Real-IP $remote_addr;<br> proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;<br> proxy_set_header X-Forwarded-Proto $scheme;<br> proxy_set_header Request-URI $request_uri;<br> proxy_redirect off;<br><br> proxy_pass <a href="http://webgateway">http://webgateway</a>;<br> }<br>}<br><div><br></div><div>I'm able to open HTTP requests in the client's browser.<br>The problem is being the HTTPS requests.<br>Is there any way for NGINX to receive the traffic and forward it (balanced) to the proxy servers?<br>A simpler way. That way I could include the Web Gateway certificate in the Windows client.<br></div><div><br></div><div>Thank You!</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Em ter., 15 de fev. de 2022 às 10:05, Francis Daly <<a href="mailto:francis@daoine.org">francis@daoine.org</a>> escreveu:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On Tue, Feb 15, 2022 at 08:38:07AM -0300, Carlos Renato wrote:<br>
<br>
Hi there,<br>
<br>
> Hello, I would like to use NGINX to balance traffic between two McAfee<br>
> (standalone) proxy.<br>
<br>
nginx as a server will listen for http or https requests; it does not "do"<br>
http-proxy requests. (As in: it is not a http (forward) proxy server.)<br>
<br>
nginx as a client will make http or https requests of another server;<br>
it does not make http-proxy requests. (As in: it will not talk to a http<br>
proxy server.)<br>
<br>
There are some circumstances under which you can kind-of sort-of make<br>
it work maybe well enough sometimes; but you would be fighting the<br>
application and things will probably not be smooth.<br>
<br>
So, for http-proxy traffic, you are probably better off using nginx's<br>
"stream" feature instead of "http" feature, and just let nginx be a<br>
tcp-pass-through.<br>
<br>
<a href="http://nginx.org/r/stream" rel="noreferrer" target="_blank">http://nginx.org/r/stream</a> and things like<br>
<a href="http://nginx.org/en/docs/stream/ngx_stream_proxy_module.html" rel="noreferrer" target="_blank">http://nginx.org/en/docs/stream/ngx_stream_proxy_module.html</a> and<br>
<a href="http://nginx.org/en/docs/stream/ngx_stream_upstream_module.html" rel="noreferrer" target="_blank">http://nginx.org/en/docs/stream/ngx_stream_upstream_module.html</a> --<br>
it's conceptually similar to the http things that you already know,<br>
except there is nothing http-specific about it.<br>
<br>
> I've made some advances and I'm able to open an HTTP page.<br>
> <br>
> Now, I need the client to open an HTTPS request.<br>
<br>
If the client is configured to use a http proxy for a https request,<br>
it will probably issue a CONNECT request to the proxy, expecting that<br>
the proxy will open a connection to the external https server.<br>
<br>
If nginx is a tcp-pass-through, all of that will be done on your upstream<br>
McAfee servers, the way that you expect.<br>
<br>
Good luck with it,<br>
<br>
f<br>
-- <br>
Francis Daly <a href="mailto:francis@daoine.org" target="_blank">francis@daoine.org</a><br>
_______________________________________________<br>
nginx mailing list -- <a href="mailto:nginx@nginx.org" target="_blank">nginx@nginx.org</a><br>
To unsubscribe send an email to <a href="mailto:nginx-leave@nginx.org" target="_blank">nginx-leave@nginx.org</a><br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"> <br><br></div>