How to reverse proxy raw TCP connections

Matt_Van_Mater · November 24, 2021, 9:34pm

I would like to use Caddy to act as a reverse proxy that sits in front of an OpenVPN AS server. The initial connection for OpenVPN uses HTTPS, but then subsequent VPN traffic does not use HTTP and must be proxied as a TCP connection only.

I have a vanilla Ubuntu 20.04 installation and followed the installation instructions here. Caddy works fine for HTTP / HTTPS backends.

I believe correct way to run openvpn through Caddy is to use the layer4 module described here layer4 but i don’t know how to implement modules within my caddyfile, and don’t understand the documentation in the context of a broader caddyfile.

Assuming i’m correct, can someone please supply a complete end-to-end caddyfile example that shows how to

Listen for connections to vpn.mydomain-.-com:443 -AND-
Use the layer4 module and reverse proxy TCP connections to backend.mydomain-.-com:443

Thanks!

francislavoie · November 24, 2021, 10:03pm

You need to install the GitHub - mholt/caddy-l4: Layer 4 (TCP/UDP) app for Caddy plugin, which involves making a custom build of Caddy. See instructions for that here (easiest with xcaddy):

Or download from the build server: Download Caddy

Unfortunately, caddy-l4 doesn’t have Caddyfile support yet (quite complicated to implement for it) so you’ll need to use JSON config for now.

system · December 24, 2021, 9:34pm

This topic was automatically closed after 30 days. New replies are no longer allowed.