HTTP Host headers are not even seen by the firewall unless some type of Deep Packet Inspection is running or the firewall is the destination and runs a proxy to the other servers.
The alias method suggested will not work in this case (as you found) because pfSense does not check the host headers. Squid might be able to do the job, but I don't think the pfSense package of squid supports multiple FQDNs (Fully Qualified Domain Names). A quick look at the settings page shows only options for proxy by path, not by full URL. Once you install the plugin, look under Services -> Reverse Proxy for the settings. - Y On Sun, Dec 14, 2014 at 1:29 PM, Mike Bobkiewicz <sec...@commobil.de> wrote: > > Hello, > we have a problem: we´re running a pfSense 2.1.5 firewall with a single > WAN address in front of a DMZ zone with two web servers. What we now want > to do is that pfSense redirects a http call to server1.example.com to > webserver 1 and a http call to server2.example.com to webserver 2. > We have found two threads on the pfSense board but we couldn´t make them > run. > First thread mentioned to add aliases for the dns names and create > redirect nat rules. That doesn´t work because pfSense seams to replace the > dns entries from the aliases at run time so the first matching rule is the > winner: when server1.example.com is the first rule webserver 1 answers > for both server1.example.com and server2.example.com. After moving the > rule for server2.example.com before the server1 rule webserver 2 answers > all calls. > The second thread mentions to install the squid3 3.1.20 package and to use > it´s reverse proxy function but we can´t figure out where to find it in the > settings. > Any help or advice is highly welcome. > > Best regards, > > Mike Bobkiewicz > _______________________________________________ > List mailing list > List@lists.pfsense.org > https://lists.pfsense.org/mailman/listinfo/list >
_______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
