Not able to reach PC with HA Proxy. Isn't there a guide?

Started by WhiteTiger, February 09, 2024, 04:17:11 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
February 09, 2024, 04:17:11 PM
Is there no official guide to set up HA Proxy?
I'm following several unofficial guides, but I can't make any progress.

I have a NAS on LAN (192.168.100.100) reachable with port 55555 that I would like to reach remotely using HA Proxy.


  • The DNS domain points to the router's static public address
  • With a ping the my-domain can be reached.
  • A Let's Encrypt certificate is configured on this domain and is recognized and active.
  • On the router, port 55555 is configured with a forward to the OPNsense WAN address.

In HAProxy Settings I configured (with the other default options):
Real Server
* Type = Static
* FQDN or IP = 192.168.100.100
* SSL = On

Backends
* Mode = TCP (Layer 4)
* Servers: The RealServer created

Condition
* Condition type = SourceIP: TCP source port
* Comparison = equal
* Source port = 55555

Rule
* Test type = IF
* Select conditions = The Condition created
* Execute function = Use Specific Backend Pool
* Use backend pool = The created Backend

Public Service
Listen Addresses = 192.168.100.1:55555
* Type = TCP
* Detailed Logging = On
* Selected rule = The rule created

NAT rule
* Source = Any/*
* Destination = This Firewall
* Destination Port = 55555
* NAT Address = Interface address
* NAT Port = *
* Static Port = No

WAN rule (with loggin)
* IPV4 TCP protocol
* Source = Any/*
* Destination = WAN Address
* Destination port = 55555


From a second PC connected to the Internet, if I type https://my-domain:55555 I get a connection Time Out error.
In Logs Live View the WAN rule is accepted
There are no errors in HAProxy Log File.

I had previously configured the various options with HTTP/HTTPS (SSL Offloading) [default] and with the host matches = FQDN option (with and without port 55555).
But the result is always the same. The WAN rule is OK, and no errors in HA Proxy.

Thanks in advance
February 09, 2024, 05:16:22 PM #1
If you take a very short look into the tutorial section, you will most likely find a guide that is always in the top ten because the thread is very active.
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
February 10, 2024, 09:46:02 AM #2
Quote from: meyergru on February 09, 2024, 05:16:22 PM
If you take a very short look into the tutorial section, you will most likely find a guide that is always in the top ten because the thread is very active.

If you're referring to the "A+" tutorial, it didn't work for me.
In any case, I don't like it much because it adds a complexity that in my opinion is unnecessary.

Besides that I don't think there are any other tutorials.
Print
Go Up Pages1
User actions