Concept Question: HAproxy plus LAN access - internal IP

[maweber]

Hi all

I have a basic question that I don't seem to find an answer for.
Say I use HAproxy as a SSL/Non-SSL reverse-proxy of my Non-SSL webpages in a DMZ.
I have an interest to also use HAproxy from the LAN1, because it handles the LetsEncrypt Certs, and the servers dont have SSL enabled.

On which internal IP do I set HAproxy for LAN access?

- I use split-horizon DNS
- loop-back on WAN is blocked because of the (useful) privatenet/bogus-rule I guess?
- There will be more LANs, this IP should be shared accross them

I tested that using the DMZ Router IP works, publishing it via the internal DNS. But I guess that way traffic passes through the router twice?

Thanks a lot
Best Manu

[zwck]

you can only get this fixed with a dns overwrite