Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Do I need a DMZ when haproxy is in OPNsense?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Do I need a DMZ when haproxy is in OPNsense? (Read 808 times)
sidekick
Newbie
Posts: 5
Karma: 0
Do I need a DMZ when haproxy is in OPNsense?
«
on:
March 19, 2023, 08:21:02 pm »
Hello all
I am a bit confused so my question may seem quite silly.
My previous dev setup was all local. I had vlans setup on my managed switch. So haproxy was a standalone pc, hitting on the docker swarm managers which in turn hit on the docker swarm workers. It all worked well even with traefik and letsencrypt on the mangers, issueing certificates and load balancing everything. I could run domains I had registered, for short periods, for testing and https purposes.
Now the plan is to put the firewall (Opnsense) in front of the swarm, using the built-in haproxy plugin to hit the docker swarm managers in the back. That's the plan.
But I have been battling with the question of whether I now still need a DMZ zone. If Haproxy is run as a Opnsense plugin, doesn't that make Opnsense a loadbalancer/proxy? And if so, isn't Opnsese (or a part of it) also a DMZ?
Or do I have it all wrong? If haproxy will now be an opensense plugin, do my docker swarm managers still have to remain in a DMZ?
Your input will be highly appreciated.
Thank you
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Do I need a DMZ when haproxy is in OPNsense?