OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: maweber on July 03, 2018, 02:33:01 am

Title: Concept Question: HAproxy plus LAN access - internal IP
Post by: maweber on July 03, 2018, 02:33:01 am
Hi all

I have a basic question that I don't seem to find an answer for.
Say I use HAproxy as a SSL/Non-SSL reverse-proxy of my Non-SSL webpages in a DMZ.
I have an interest to also use HAproxy from the LAN1, because it handles the LetsEncrypt Certs, and the servers dont have SSL enabled.

On which internal IP do I set HAproxy for LAN access?

- I use split-horizon DNS
- loop-back on WAN is blocked because of the (useful) privatenet/bogus-rule I guess?
- There will be more LANs, this IP should be shared accross them

I tested that using the DMZ Router IP works, publishing it via the internal DNS. But I guess that way traffic passes through the router twice?

Thanks a lot
Best Manu
Title: Re: Concept Question: HAproxy plus LAN access - internal IP
Post by: zwck on September 09, 2018, 12:58:22 pm
you can only get this fixed with a dns overwrite