Integrating with Apps Behind Routers Using Reverse Proxy


- Solving Remote Connectivity for a Cloud-Based POS with a Reverse Proxy
- Exploring Possible Solutions
- Implementing FRP as a Reverse Proxy
- Final Thoughts
Solving Remote Connectivity for a Cloud-Based POS with a Reverse Proxy
I was working on a cloud-based POS web application that needed to send HTTP POST and GET requests to API endpoints provided by desktop applications sitting behind a router. The real challenge wasn't just making the requests—it was figuring out how to reliably reach those machines in the first place. Here’s how I tackled it.
Exploring Possible Solutions
1. Port Forwarding
The first solution that came to mind was port forwarding. However, for this to work, two conditions had to be met:
- The router had to support port forwarding.
- The machines had to have static IP addresses.
Unfortunately, neither condition was guaranteed. Many clients had dynamic IPs, and their routers varied, meaning some supported port forwarding while others didn’t. To address the dynamic IP issue, I considered using a dynamic DNS (DDNS) service like No-IP. This allowed us to map dynamic IPs to a static hostname. However, the inconsistency in router support for both port forwarding and DDNS made this approach unreliable across all clients.
2. Ngrok
Another option I considered was using Ngrok, which provides secure tunneling for local servers. However, we couldn't use it because:
- We needed more control over the solution.
- We needed something scalable, meaning I didn’t want to create an account for every client and manage it—this would be too tiresome.
- It wasn’t allowed in our location, making it a non-starter.
3. Reverse Proxy as a Tunnel
Since port forwarding and Ngrok weren’t viable, I explored another option: using a reverse proxy to create a tunnel between our server and the client machines. That’s when I came across FRP (Fast Reverse Proxy), a powerful tool that allows exposing local servers behind NAT or firewalls to the internet.
Implementing FRP as a Reverse Proxy
To make this work, I needed a VPS (Virtual Private Server) to act as our central reverse proxy server. Here’s how we set it up:
-
Setting Up the Reverse Proxy Server
We installed FRP on the VPS, which would act as a bridge between the cloud POS and client machines. -
Configuring the Client Machines
Each client needed to connect to the reverse proxy, so we provided them with:- A configuration file that included assigning a unique subdomain to their machine.
- Batch scripts that would automatically run on login to establish the connection.
-
Automating the Connection
Once a client machine was powered on and logged in, the script ensured it was automatically connected to our reverse proxy. This meant our cloud POS could now send requests to the subdomain, and the reverse proxy would route them to the correct machine.
Final Thoughts
After considering four possible solutions:
- Port Forwarding (Unreliable due to router support inconsistencies)
- Port Forwarding + DDNS (Better, but still inconsistent across different routers)
- Ngrok (Lacked control, scalability issues, and not allowed in our location)
- Reverse Proxy Server (Reliable and works across all setups)
The reverse proxy solution proved to be the best approach. It eliminated dependency on router configurations and static IPs, providing a seamless way to connect our cloud-based POS to client machines securely and reliably.
This approach not only solved our connectivity challenge but also made onboarding new clients easier, as they only needed to download a couple of files and log in to their machines. Now, every time a client’s computer is turned on, it’s automatically reachable—no manual configuration required.
Additionally, this solution turned into a new revenue stream for us, as the company started offering it as an add-on service. Clients who needed remote access to their local POS systems could subscribe to this feature, adding more value to our offering while generating additional income.
Stay Updated.
I'll you email you as soon as new, fresh content is published.