OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: sairfan1 on August 10, 2022, 08:38:28 pm

Title: Web request directing to web server
Post by: sairfan1 on August 10, 2022, 08:38:28 pm

Its a learning setup, I have 3 domains registered with godaddy, I updated A record with my public static IP
On my environment I have 3 machines running web apps for each domain (i want to keep web apps on separate computers) If i port forward to any of machine's IP, I can load the website, that means everything is working good.

What i want to achieve is I want to use that single IP for multiple web servers (PCs) I want to learn how can i achieve this using OPNsense.

Title: Re: Web request directing to web server
Post by: zz00mm on August 10, 2022, 10:08:14 pm

Looks like you have 3 options:

1) Port forward a different port for each domain thru the firewall to the web server for that domain. (Do this to test if the website is working thru firewall)

2) Put all the domain web pages on 1 Server, port forward thru the firewall to web server and let host headers do the work for you. (This is what I have used in the past)

3) Setup a reverse proxy that you port forward to thru the firewall and then let the reverse proxy do it's work. If you get this to work, then you could move your reverse proxy to the firewall if desired as NGINX is an option as well as traefik (traefik can be retreived by using the mimugmail repo addin)

Thats all I can provide as I'm currently working on option #3 without port forwarding at this time.

Happy firewalling

Title: Re: Web request directing to web server
Post by: sairfan1 on August 11, 2022, 05:59:42 pm

Quote

1) Port forward a different port for each domain thru the firewall to the web server for that domain. (Do this to test if the website is working thru firewall)

What i believe we can't single port forward to multiple ips

Quote

2) Put all the domain web pages on 1 Server, port forward thru the firewall to web server and let host headers do the work for you. (This is what I have used in the past)

I know it can be done, but i'm learning how to do it if we have 3 web servers separately 

Quote

3) Setup a reverse proxy that you port forward to thru the firewall and then let the reverse proxy do it's work. If you get this to work, then you could move your reverse proxy to the firewall if desired as NGINX is an option as well as traefik (traefik can be retreived by using the mimugmail repo addin)

Can we install NGINX on OPNsense and there some API to programmatically add new domains in the future?

BTW how hosting companies handle such things? do they also use reverse proxy?

Title: Re: Web request directing to web server
Post by: sairfan1 on August 16, 2022, 09:46:41 pm

Can we use Unbound DNS for outside traffic as well? if yes, how can we configure it on the OPNsense firewall, thanks