@michmoor Figured it out, from Reddit of all places.
You can define multiple ACLs within the action field. This isn't documented for the GUI sadly BUT this works as an AND function.
FYI - if anyone else has this issue, the package is not supported by Netgate and there doesn't seem to be any obvious answer as to why this happens. I've given up now and gone with a DNS filtering solution instead of using Squid Guard.
It ignores the first one for multilevel subdomains and automatically applies the second one core.demo99.stage.domain1.icu
Yeah, multiple subdomains at the level of the star, which is the third: *.domain1.icu
So you can use it for any domain in which you can replace the star with any proper string.
So it may work with stage.domain1.icu, but not with core.devph.stage.domain1.icu. This domain has five levels.
The issue was resolved by following the steps described by @viragomann. The issue was indeed that the rules regarding the HAProxy on the firewall were on the WANs group. We changed them individually on the WAN1 and WAN2 firewall rules and it worked. Thanks.