OPNsense Forum

Archive => 18.7 Legacy Series => Topic started by: 0xDEADC0DE on September 30, 2018, 01:35:52 pm

Title: haproxy port 443 questions
Post by: 0xDEADC0DE on September 30, 2018, 01:35:52 pm

I have some difficulties setting up haproxy in this configuration:

WAN access to port 443 https distributes access to different backend servers depending on domain name is working.
LAN access to port 443 for OPNsense GUI doesn't work.
I can access it when I change it to e.g. port 9999.
How can I configure this setup? Is it even possible?

Title: Re: haproxy port 443 questions
Post by: mahescho on September 30, 2018, 02:08:09 pm

I've not tested this yet, but I think you got hit by the problem I've asked a few days ago about. See @franco s answer here:

https://forum.opnsense.org/index.php?topic=9788.msg44768#msg44768

I think HAproxy binds to 443 on all interfaces. @franco suggested to me to do the configuration manually to make HAproxy (in my case NginX) to one ore more interfaces and not to all.

IMHO making service binds configurable should be # 1 on the list of development todos :)

Title: Re: haproxy port 443 questions
Post by: 0xDEADC0DE on October 01, 2018, 12:01:17 am

I think I will try to use port 9999 and redirect from 443 to 9999 with haproxy.
Perhaps it works.

Is there a good explanation between the two modes "http / https" and "https tcp"?