Hello,
I use TP-Link EAP in my house and use the Omada SDN controller to configure the EAPs. The Omada software requires that the port (default 8043) be included in every request -- otherwise it redirects to the url:8043.
I have been trying to set up the reverse proxy but have not been successful yet. I found these threads on the TP-Link community and I tried to follow the instructions for pfSense, but it has not worked for me in OPNsense.
https://community.tp-link.com/en/business/forum/topic/186224?page=4 (post #38)
https://community.tp-link.com/en/business/forum/topic/161624?replyId=559794
I tried to use the built-in Execute Function options in OPNsense --> Rules & Checks --> Rules and when that didn't work, I used the custom option (pass-through) and wrote down the exact rule as indicated in the TP-Link forum posts. But still no dice !!!
Here's what I have so far:
OmadaRealServer: See image
OmadaConditionFQDN: See image
OmadaConditionShort: see image
OmadaRuleHeaderSetFQDN: see image
The remaining rules images are in the next post.
Would someone please help me translate these so that I can reverse proxy the Omada SDN controller?
Thanks,
Omada Rules that I have set up currently:
OmadaRuleHeaderSetShort: see image
OmadaRuleBackend: see image
OmadaRuleCustomResponse: see image
Currently with all the listed conditions & rules, I only get a 503 Service not available error when trying to access https://omada.myshinydomain.com
HA Proxy Setup for Omada
### Omada Conditions ###
oc_condition_1
Condition type = Host matches
Host String = omada.domain.tld (your public domain)
oc_condition_2
Condition type = Host regex
Host Regex = ^omada\.domain\.tld(:([0-9]){1,5})?$
### Omada Rules ###
oc_rule_1
Test type = IF[default]
Select conditions = oc_condition_1
Execute function = Use specified Backend Pool
Use Backend pool = omada_pool
oc_rule_2
Test type = IF[default]
Select conditions = oc_condition_1,oc_condition_2
Execute function = http-request header set
HTTP Header = host
Header Content = omada.domain.tld:8043
oc_rule_3
Select conditions = Nothing selected
Execute function = Custom Rule
Option pass-through = http-response replace-value location 8043 %[hdr(location),regsub(8043,443)]
### Omada Server ###
omada_server
Type = static
FQDN or IP = 192.168.1.0 (your localhost ip)
Port = 8043
Mode = active
SSL = true
Verify SSL Certificate = false
### Omada Pool ###
omada_pool
Servers = omada_server
Select Rules = oc_rule_2,oc_rule_3
### Public Service ###
public_https
Select Rules = oc_rule_1
Quote from: mace on August 18, 2022, 08:38:49 PM
### Omada Pool ###
omada_pool
Servers = omada_server
Select Rules = oc_rule_2,oc_rule_3
The only thing that I was missing was the selection of oc_rule_2 and oc_rule_3 in my omada_pool. I had everything else set up exactly as you described but I had found out all that information from various forums.
Thank you for posting this even after more than a year. Once I selected the 2 rules in my backend pool setup, everything worked as expected.