Author Topic: Is it possible to NAT route http depending on the used domain name? (Read 1969 times)

gerflo09 · « **on:** May 27, 2016, 01:24:25 am »

I like to achieve, that opnsense routes the http packets from WAN interface to different LAN/DMZ servers, depending on the used domain name, like apache or nginx does with virtual hosts.
How can I get that behavior?

fabian · « **Reply #1 on:** May 27, 2016, 02:13:36 pm »

you need a reverse proxy which can do this - maybe the plug in haproxy can help you. If not, OPNsense has lighttpd installed as webserver for the gui. You can run your own instance of it as a reverse proxy if you like but you have to configure it by yourself.
https://redmine.lighttpd.net/projects/1/wiki/Docs_ModProxy

gerflo09 · « **Reply #2 on:** May 29, 2016, 01:00:27 am »

cool - following here is the configuration for haproxy I like to achieve, but how can I put this into OPNsense, since I cannot edit haproxy.cfg directly - or can I?

global
daemon
maxconn 4096

defaults
mode http
timeout connect 5000ms
timeout client 50000ms
timeout server 50000ms

frontend http-in
bind *:443
acl is_site1 hdr_end(host) -i www.domain_one.com
acl is_site2 hdr_end(host) -i www.domain_two.com

use_backend site1 if is_site1
use_backend site2 if is_site2

backend site1
balance roundrobin
option httpclose
option forwardfor
server s2 192.168.0.13:443 maxconn 32

backend site2
balance roundrobin
option httpclose
option forwardfor
server s2 192.168.0.12:443 maxconn 32

Author Topic: Is it possible to NAT route http depending on the used domain name? (Read 1969 times)

gerflo09

Is it possible to NAT route http depending on the used domain name?

fabian

Re: Is it possible to NAT route http depending on the used domain name?

gerflo09

Re: Is it possible to NAT route http depending on the used domain name?