19.7 Legacy Series / Setting up HAProxy for basic port forward
« on: March 21, 2019, 09:43:10 am »
Hello all,
I'm a long time (somewhat) advanced computer/network hobbyist. Until recently, I've always used off the shelf router/firewall/WAP all in ones (most recently Asus.) With the desire to escalate my hobby to the next level (and the fact I'm no longer trusting the all-in-ones) I'm upgrading my network. The first stage is the OPNsense router. This, I have installed on an appliance running a Core i7-7500U. (I've repurposed the Asus as my WAP with the ultimate goal of changing over to Unifi and having 3 VLANs.)
With the old Asus, it was easy to set up both DDNS and port forward. Since this is a homelab type setup, I have some IoT devices that I want to remote access. (This time of year, my sprinkler controller.) I've been using my server as a test bed for configuration (Webmin, port 10000, not going to leave it open when I figure out how to make this work) and using my cell phone on 4G for the WAN access test. Also using class B network, 172.18.x.x/21. Server is 172.18.2.1, static.
When I try to access it from my phone, I just get a timeout on the connection. What am I missing? I've read who knows what and searched to the ends of the web, and I'm lost.
I also bought a domain on Namecheap (ex. homenet.me) and have DDNS set up and working. Following are the settings:
Namecheap:
A + Dynamic - Host: * Value: 67.182.x.x TTL: Automatic
Cname Record - Host: * Value: homenet.me TTL: Automatic
URL Redirect Record - Host: @ Value: http://www.homenet.me/ Unmasked
I've opened port 10000 in the firewall using the following and verified open using Gibson Research Shields Up:
Interface: WAN
TCP/IP Version: IPv4
Protocol: TCP/UDP
Source: Any
Source port range: Any
Destination: WAN
Destination port range: 10000-10000
Redirect target IP: server (using an alias I have working within the lan)
Redirect target port: 10000
Also created a Virtual IP as this is on a dynamic ip WAN:
Mode: IP Alias
Interface: Wan
Address: 172.18.2.2
Everything else is default config.
In HAProxy: (Unless specified, the other settings are default values.)
Real server:
Name: ServerWebmin
Description: Webmin
FQDN or IP: 172.18.2.1
Port: 10000
Mode: Active
Backend Pools:
Name: ServerWebmin_Backend
Mode: HTTP
Servers: ServerWebmin
Conditions:
Name: ServerWebmin_Condition
Condition Type: Path Starts With
Path Prefix: /*
Rules:
Name: ServerWebmin_Rule
Select Condition: ServerWebmin_Condition
Public Service:
Name: ServerWebmin_Public
Listen Address: 172.18.2.2:10000
Default Backend Pool: ServerWebmin_Backend
Select Rules: ServerWebmin_Rule
Thanks in advance.