Print Page - Not able to reach PC with HA Proxy. Isn't there a guide?

Title: Not able to reach PC with HA Proxy. Isn't there a guide?
Post by: WhiteTiger on February 09, 2024, 04:17:11 PM

Is there no official guide to set up HA Proxy?
I'm following several unofficial guides, but I can't make any progress.

I have a NAS on LAN (192.168.100.100) reachable with port 55555 that I would like to reach remotely using HA Proxy.

The DNS domain points to the router's static public address
With a ping the my-domain can be reached.
A Let's Encrypt certificate is configured on this domain and is recognized and active.
On the router, port 55555 is configured with a forward to the OPNsense WAN address.

In HAProxy Settings I configured (with the other default options):
Real Server
* Type = Static
* FQDN or IP = 192.168.100.100
* SSL = On

Backends
* Mode = TCP (Layer 4)
* Servers: The RealServer created

Condition
* Condition type = SourceIP: TCP source port
* Comparison = equal
* Source port = 55555

Rule
* Test type = IF
* Select conditions = The Condition created
* Execute function = Use Specific Backend Pool
* Use backend pool = The created Backend

Public Service
Listen Addresses = 192.168.100.1:55555
* Type = TCP
* Detailed Logging = On
* Selected rule = The rule created

NAT rule
* Source = Any/*
* Destination = This Firewall
* Destination Port = 55555
* NAT Address = Interface address
* NAT Port = *
* Static Port = No

WAN rule (with loggin)
* IPV4 TCP protocol
* Source = Any/*
* Destination = WAN Address
* Destination port = 55555

From a second PC connected to the Internet, if I type https://my-domain:55555 I get a connection Time Out error.
In Logs Live View the WAN rule is accepted
There are no errors in HAProxy Log File.

I had previously configured the various options with HTTP/HTTPS (SSL Offloading) [default] and with the host matches = FQDN option (with and without port 55555).
But the result is always the same. The WAN rule is OK, and no errors in HA Proxy.

Thanks in advance

Title: Re: Not able to reach PC with HA Proxy. Isn't there a guide?
Post by: meyergru on February 09, 2024, 05:16:22 PM

If you take a very short look into the tutorial section, you will most likely find a guide that is always in the top ten because the thread is very active.

Title: Re: Not able to reach PC with HA Proxy. Isn't there a guide?
Post by: WhiteTiger on February 10, 2024, 09:46:02 AM

Quote from: meyergru on February 09, 2024, 05:16:22 PM
If you take a very short look into the tutorial section, you will most likely find a guide that is always in the top ten because the thread is very active.

If you're referring to the "A+" tutorial, it didn't work for me.
In any case, I don't like it much because it adds a complexity that in my opinion is unnecessary.

Besides that I don't think there are any other tutorials.

OPNsense Forum

English Forums => High availability => Topic started by: WhiteTiger on February 09, 2024, 04:17:11 PM