Actually I think I characterized this problem the wrong way.

It appears that neither haproxy nor nginx (when used as a proxy) is
reliable on our pfSense firewall.  They will work for a while, then they
stop passing traffic for a while, then they work awhile.  Restarting them
doesn't make them responsive immediately.  I am at a loss to explain this.
I've confirmed there are no other processes listening on port 443 on any IP
(virtual or physical).  If anyone has ideas I'd love to hear them.

--cro


On Fri, Dec 11, 2015 at 8:14 AM, C. R. Oldham <[email protected]> wrote:

> Greetings,
>
> We've recently replaced both our routers with pfSense.  I am using tinc
> for site-to-site VPN and OpenVPN for clients to connect.
>
> Since some of our support engineers often end up onsite with customers, I
> want to enable OpenVPN over TCP port 443--we've noticed that many of our
> customers block outbound UDP, but using the https port works fine.
>
> However, we also have haproxy on our firewall proxying for some web
> applications on port 443, but on a different virtual IP from OpenVPN.  If I
> enable OpenVPN on the TCP port, haproxy stops working, even though they are
> listening on different IPs.
>
> I have appropriate firewall rules for both virtual IPs in place.
>
> Can anyone shed some insight on how I can fix this?
>
> Thanks.
>
> --cro
>
>
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list