HAProxy can also be used for this.
Brian Henson schreef op 14-12-2014 20:13:
I second using a reverse proxy for this. You can use the squid package
or even use the Mod_security and proxy pass directive
On Sun, Dec 14, 2014 at 1:44 PM, Yehuda Katz <[email protected]
<mailto:[email protected]>> wrote:
HTTP Host headers are not even seen by the firewall unless some
type of Deep Packet Inspection is running or the firewall is the
destination and runs a proxy to the other servers.
The alias method suggested will not work in this case (as you
found) because pfSense does not check the host headers.
Squid might be able to do the job, but I don't think the pfSense
package of squid supports multiple FQDNs (Fully Qualified Domain
Names).
A quick look at the settings page shows only options for proxy by
path, not by full URL.
Once you install the plugin, look under Services -> Reverse Proxy
for the settings.
- Y
On Sun, Dec 14, 2014 at 1:29 PM, Mike Bobkiewicz
<[email protected] <mailto:[email protected]>> wrote:
Hello,
we have a problem: we´re running a pfSense 2.1.5 firewall with
a single WAN address in front of a DMZ zone with two web
servers. What we now want to do is that pfSense redirects a
http call to server1.example.com <http://server1.example.com>
to webserver 1 and a http call to server2.example.com
<http://server2.example.com> to webserver 2.
We have found two threads on the pfSense board but we couldn´t
make them run.
First thread mentioned to add aliases for the dns names and
create redirect nat rules. That doesn´t work because pfSense
seams to replace the dns entries from the aliases at run time
so the first matching rule is the winner: when
server1.example.com <http://server1.example.com> is the first
rule webserver 1 answers for both server1.example.com
<http://server1.example.com> and server2.example.com
<http://server2.example.com>. After moving the rule for
server2.example.com <http://server2.example.com> before the
server1 rule webserver 2 answers all calls.
The second thread mentions to install the squid3 3.1.20
package and to use it´s reverse proxy function but we can´t
figure out where to find it in the settings.
Any help or advice is highly welcome.
Best regards,
Mike Bobkiewicz
_______________________________________________
List mailing list
[email protected] <mailto:[email protected]>
https://lists.pfsense.org/mailman/listinfo/list
_______________________________________________
List mailing list
[email protected] <mailto:[email protected]>
https://lists.pfsense.org/mailman/listinfo/list
_______________________________________________
List mailing list
[email protected]
https://lists.pfsense.org/mailman/listinfo/list
_______________________________________________
List mailing list
[email protected]
https://lists.pfsense.org/mailman/listinfo/list
