I second using a reverse proxy for this. You can use the squid package or even use the Mod_security and proxy pass directive
On Sun, Dec 14, 2014 at 1:44 PM, Yehuda Katz <yeh...@ymkatz.net> wrote: > > HTTP Host headers are not even seen by the firewall unless some type of > Deep Packet Inspection is running or the firewall is the destination and > runs a proxy to the other servers. > > The alias method suggested will not work in this case (as you found) > because pfSense does not check the host headers. > > Squid might be able to do the job, but I don't think the pfSense package > of squid supports multiple FQDNs (Fully Qualified Domain Names). > A quick look at the settings page shows only options for proxy by path, > not by full URL. > Once you install the plugin, look under Services -> Reverse Proxy for the > settings. > > - Y > > > On Sun, Dec 14, 2014 at 1:29 PM, Mike Bobkiewicz <sec...@commobil.de> > wrote: >> >> Hello, >> we have a problem: we´re running a pfSense 2.1.5 firewall with a single >> WAN address in front of a DMZ zone with two web servers. What we now want >> to do is that pfSense redirects a http call to server1.example.com to >> webserver 1 and a http call to server2.example.com to webserver 2. >> We have found two threads on the pfSense board but we couldn´t make them >> run. >> First thread mentioned to add aliases for the dns names and create >> redirect nat rules. That doesn´t work because pfSense seams to replace the >> dns entries from the aliases at run time so the first matching rule is the >> winner: when server1.example.com is the first rule webserver 1 answers >> for both server1.example.com and server2.example.com. After moving the >> rule for server2.example.com before the server1 rule webserver 2 answers >> all calls. >> The second thread mentions to install the squid3 3.1.20 package and to >> use it´s reverse proxy function but we can´t figure out where to find it in >> the settings. >> Any help or advice is highly welcome. >> >> Best regards, >> >> Mike Bobkiewicz >> _______________________________________________ >> List mailing list >> List@lists.pfsense.org >> https://lists.pfsense.org/mailman/listinfo/list >> > > _______________________________________________ > List mailing list > List@lists.pfsense.org > https://lists.pfsense.org/mailman/listinfo/list >
_______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
