Is it possible to NAT route http depending on the used domain name?

Started by gerflo09, May 27, 2016, 01:24:25 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 27, 2016, 01:24:25 AM
I like to achieve, that opnsense routes the http packets from WAN interface to different LAN/DMZ servers, depending on the used domain name, like apache or nginx does with virtual hosts.
How can I get that behavior?
May 27, 2016, 02:13:36 PM #1
you need a reverse proxy which can do this - maybe the plug in haproxy can help you. If not, OPNsense has lighttpd installed as webserver for the gui. You can run your own instance of it as a reverse proxy if you like but you have to configure it by yourself.
https://redmine.lighttpd.net/projects/1/wiki/Docs_ModProxy
May 29, 2016, 01:00:27 AM #2 Last Edit: May 29, 2016, 11:59:39 AM by gerflo09
cool - following here is the configuration for haproxy I like to achieve, but how can I put this into OPNsense, since I cannot edit haproxy.cfg directly - or can I?

global
    daemon
    maxconn 4096

defaults
    mode http
    timeout connect 5000ms
    timeout client 50000ms
    timeout server 50000ms

frontend http-in
    bind *:443
    acl is_site1 hdr_end(host) -i www.domain_one.com
    acl is_site2 hdr_end(host) -i www.domain_two.com

    use_backend site1 if is_site1
    use_backend site2 if is_site2

backend site1
    balance roundrobin
    option httpclose
    option forwardfor
    server s2 192.168.0.13:443 maxconn 32

backend site2
    balance roundrobin
    option httpclose
    option forwardfor
    server s2 192.168.0.12:443 maxconn 32
Print
Go Up Pages1
User actions