Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Web Proxy Filtering and Caching
(Moderator:
fabian
) »
HAproxy: not able to setup two services on single IP:Port
« previous
next »
Print
Pages: [
1
]
Author
Topic: HAproxy: not able to setup two services on single IP:Port (Read 1400 times)
blacklistme
Newbie
Posts: 6
Karma: 1
HAproxy: not able to setup two services on single IP:Port
«
on:
May 28, 2024, 05:15:48 pm »
Hi Gang,
I have spent several houres to configure haproxy as a simple reverse proxy for two different services on one single IP with the same Port. I have not succeeded and now I need your help please.
Config is as follows:
Real server 1: FQDN -> "fqdn.server1.intern" / Port -> 443 / SSL / SNI / fqdn.server1.intern / verify -> "myCA"
Real server 2: FQDN -> "fqdn.server2.intern" / Port -> 80
Backend pool 1: Server -> real server 1 (rest is default)
Backend pool 2: Server -> real server 2 (rest is default)
Public server 1: listen address -> "fqdn1:443" / certificate "fqdn1 acme" / selected rule -> Rule 1
Public server 2: listen address -> "fqdn2:443" / certificate "fqdn2 acme" / selected rule -> Rule 2
Condition 1: host matches -> Host string -> "sub.domain.de"
Condition 2: host matches -> Host string -> "domain.de"
Rule 1: If condition 1 -> use backend pool 1
Rule 2: If condition 2 -> use backend pool 2
That is my understading of how reverse proxy should select the right backend server depending on the host name that is called.
Enabling realserver 1 - everything is fine
Enabling realserver 2 - realserver 2 is working fine, too. But realserver 1 presents certificate from realserver 2 and passing the connection to realserver 1
- Type is HTTP/HTTPS
- IP is static, no NAT
I´m Pulling my hairs off - can´t get this to work...
Does anyone have any ideas?
Robin
Logged
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1622
Karma: 178
Re: HAproxy: not able to setup two services on single IP:Port
«
Reply #1 on:
May 28, 2024, 05:25:32 pm »
If you don't want to pull your hair out, maybe give os-caddy a try. It can do what you need and is way easier to configure.
Here are the docs:
https://docs.opnsense.org/manual/how-tos/caddy.html
Logged
Hardware:
DEC740
Patrick M. Hausen
Hero Member
Posts: 6853
Karma: 575
Re: HAproxy: not able to setup two services on single IP:Port
«
Reply #2 on:
May 28, 2024, 05:33:22 pm »
You need to go with a single public server and two backends depending on the domain name.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
blacklistme
Newbie
Posts: 6
Karma: 1
Re: HAproxy: not able to setup two services on single IP:Port
«
Reply #3 on:
May 29, 2024, 07:43:21 am »
AWESOME! I love the community - I Love you
- many thanks!!!!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Web Proxy Filtering and Caching
(Moderator:
fabian
) »
HAproxy: not able to setup two services on single IP:Port