Dear HAProxy Developers,

After incorporating insights from Bryan Talbot and articles from Baptiste Assman on HAProxy Web site, we have been able to get the basic configuration of HAProxy going. Now we are adding configuration to access specific products in our LAN.

We would like to access Product1 via URL:

Output URL from the Product1 server should be:

What we are getting:  https://Internal_IP:14443/Product1/signin?xyz

The server presents the right page, but with internal IP address of the server. Hence, the product can only be accessed from internal LAN, not from WAN. What are we missing?

Below is the configuration deployed.





frontend webapps-frontend

bind          *:80 name http

    bind *:443 name https ssl crt /path/to/server.pem

log           global

    option    forwardfor

    option httplog clf

    reqadd X-Forwarded-Proto:\ https if { ssl_fc }

reqadd X-Forwarded-Proto:\ http if !{ ssl_fc }

#http-request add-header X-Forwarded-Proto:\ https if { ssl_fc } # Don't know how to use it instead of reqadd

#http-request add-header X-Forwarded-Proto:\ http if !{ ssl_fc } # Don't know how to use it instead of reqadd

acl host_https req.hdr(Host) # 14443 is due to port forwarding deployment

acl path_subdomain_p1 path_beg -i /Product1

use_backend subdomain_p1-backend if host_https path_subdomain_p1

backend subdomain_p1-backend

http-request set-header Host <internal_IPxx.yy.zz.ww:portpppp>

reqirep ^([^\ ]*)\ /Product1/?([^\ ]*)\ (.*)$       \1\ /Product1\2\ \3

acl hdr_location res.hdr(Location) -m found

#http-response replace-header Host (.*) %%HP if hdr_location # This is not working

rspirep ^(Location:)\ (https?://([^/]*))/(.*)$ \1\ http://\3/Product1/\4 if hdr_location

server Product1.VM0 <internal_IPxx.yy.zz.ww:portpppp> cookie c check

Thank you.



Susheel Jalali

Coscend Communications Solutions

Elite Premio Complex Suite 200,  Pune 411045 Maharashtra India

Web site:

CONFIDENTIALITY NOTICE: See 'Confidentiality Notice Regarding E-mail Messages from Coscend Communications Solutions' posted at:

Reply via email to