OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: ricardo-m on January 13, 2019, 10:47:33 pm

Title: [Solved] HAProxy Reverse Proxy
Post by: ricardo-m on January 13, 2019, 10:47:33 pm

Hi all,

I feel like I must have read every bit of discussion, and every bit of documentation about HAProxy in OPNsense.

However, I must be doing something wrong as it's just not working out for me.

I have an internal server: 192.168.1.5 (for example) using https on port 443
I also have a domain pointing to my network: example.com

What I am trying to do is use a reverse proxy to point a specific subdomain (e.g cloud.example.com) to the internal server, so that I can then use other subdomains for other purposes in the future.

I've tried HAProxy with no success. My configuration was as follows:

HAProxy
Real Server
Name: cloud_server
FQDN or IP: 192.168.1.5
Port: 443
Backend Pool
Name: backend_pool
Mode: HTTP (Layer 7)
Balancing Algorithm: Source-IP Hash
Servers: cloud_server
Condition
Name: cloud_condition
Expression: Host matches
Value: cloud.example.com
Rules
Name: cloud_rule
Type: IF
Condition: cloud_condition
Operator: AND
Action: Override server in Backend Pool
Use Server: cloud_server
Public Services
Name: cloud_frontend
Listen Addresses: localhost:8443
Type: HTTP/HTTPS
Default Backend Pool: backend_pool
Rules: cloud_rule

You can assume that anything I've left out is as default.

I've then got a NAT Port forward rule to point any a https request on the WAN to the firewall on port 8443

When I "Test Syntax" I get a warning:

Code: [Select]

[WARNING] 012/214554 (23332) : parsing [/usr/local/etc/haproxy.conf:52] : 'use-server' ignored because frontend 'cloud_frontend' has no backend capability.
[ALERT] 012/214554 (23332) : config : frontend 'cloud_frontend' : unable to find server 'cloud_server' referenced in a 'use-server' rule.
[ALERT] 012/214554 (23332) : Fatal errors found in configuration.Any help will be greatly appreciated!

Title: Re: HAProxy Reverse Proxy
Post by: greY on January 15, 2019, 02:22:51 pm

Hi

instead of
Rules
Name: cloud_rule
Type: IF
Condition: cloud_condition
Operator: AND
Action: Override server in Backend Pool
Use Server: cloud_server

try:
Rules
Name: cloud_rule
Type: IF
Condition: cloud_condition
Operator: none
Action: http-request allow

Title: Re: HAProxy Reverse Proxy
Post by: ricardo-m on January 15, 2019, 05:57:01 pm

Hi,

That works great! I knew I must have missed something simple.

Thanks for your help  :D