Messages

This is an excellent tutorial. I'm fairly new to opnsense, and this was a great start to get me going getting the services up and running. @TheHellSite I appreciate the work you have dedciated to it, despite your busy schedule. Thank you.

With OPNsense 26.1.9, some of the settings have moved or not available, so there were placed I had to think and google to proceed. Ideally, the guide should be updated, but I know its a big ask.

There isn't a need to enable NAT reflection it seems (which puzzled me a little bit why it was working to connect from LAN). What I think happens is when a package from LAN destined for the public IP, opnsense will see that the package is for itself using its public facing IP and send it directly to HAproxy without NAT due to its `0.0.0.0:443` listen of `0_SNI_frontend`. So perhaps "part 6" should be updated? I'm left with the open question: When do we use option A) Split DNS or B) NAT reflection when option 0) Do nothing seems to work?

Is it always necessary to create a backend and a server when there is 1 to 1 relationship between the two? Can it be combined somehow? I assume this is a core design of HAProxy?