# How do I build a https web portal to a LAN device?

## DingbatCA

I am not really sure how to build this one.

The problem.

I have a simple weather station that has a web interface on my internal network.  I does not have any form of authentication. I would like to place a password protected portal/proxy in from of it so I can access if from the out side world.

Something like this:

incoming request  for the internet (Port 443, https) --> router --> (https) portal/proxy/password (http) --> (http) weather station.

The only part I don't know how to build is the portal/proxypassword thing.  Is that an internal proxy? I am not even sure what to look for.  Ideas?

----------

## Hu

You want a reverse proxy, which will accept an encrypted connection, decrypt it, and forward it to the embedded device.

If you do not mind a slightly less clean solution, you could use ssh port forwarding or the ssh SOCKS proxy.  Internet users would then authenticate to your sshd on the edge device.  That would then allow them to forward traffic into the LAN, and ssh would handle encrypting the traffic as it traversed the Internet.

----------

## DingbatCA

HA!  I am currently using ssh tunneling to get to my embedded device. :-)

I was looking for a better solution.  Any ideas on a good "reverse proxy"  or should I start googling?

----------

## solamour

Perhaps you are already aware of it, but if "weather station" is running apache (or lighttpd), you can configure authentication. That way, you can do without portal/proxy/password.

http://httpd.apache.org/docs/2.0/howto/auth.html

__

sol

----------

