OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: Mann-IT on June 22, 2018, 03:53:07 pm

Title: HAproxy Exchange asking external Ip show on Client behind.
Post by: Mann-IT on June 22, 2018, 03:53:07 pm

HI,

ask the pro's among you.
I use the Open as HA Proxy with Lets encrypt to publish an Exchange.
Works great and never has problems.
On the Exchange, Cyperarms I used to have as a hedge against hacking accounts.
I would like to activate again, but this does not work because he only sees the IP address of opensense.
So the question to the professionals, one can set the HAproxy so that he passes on the IP requests from external to internal so Cyperarms can block the access again?

Greeting Mario

Title: Re: HAproxy Exchange asking external Ip show on Client behind.
Post by: fabian on June 22, 2018, 08:19:38 pm

You can inject a header into the request (X-FORWARD-FOR) or use the PROXY protocol if this methods are supported.

Title: Re: HAproxy Exchange asking external Ip show on Client behind.
Post by: Mann-IT on June 22, 2018, 11:26:55 pm

HI,

Cyperarms can only ban an ip if he knows which ip it is.
He regonize an failure login and look when it is more then 3 times he block the ip.

Or can such thing can do with opensense and fail2ban?

Greetings