@jdenny If you use the HTTP check, you will need to configure it properly. You can specify the method, URL and also the protocol version. Note that HAproxy just request the server by its IP and port as stated in the backend setting. It doesn't send a host header to the backend. If your server requires this, the check will fail. Also it just requests the server root / if you didn't state any other URL. So ensure, that your server is responding to such requests.

Do you have a blacklist?

@accidentallyadmin I use them with Godaddy, Sectigo and more. no issues - one of the best "features" with pfsense/Haproxy combo imho. :)

@AndyD Finally an explanation what happened after 2.4 where HAProxy performance dropped like a stone :), lets hope this comes to CE version too.

@JonathanLee There is an Unofficial-pfSense WPAD package https://forum.netgate.com/topic/116163/unofficial-wpad-package-for-pfsense-software https://github.com/freitasbr/unofficial-pfsense-wpad Works really well if you want to run a proxy and do not want to fully rely on the transparent proxy (which can have connection issues on some programs like sites not working in chrome). You can also set it up manually however the package makes it easy.

Check to see if your ports are set correctly.

@JonathanLee Thats really great news, sorry was not following this since long (I switched from IT to Development). So to clean things up I will be closing PR and Redmine issue. Best Maharsh.

@viragomann Yes, the host is reachable and the exchange server has the correct certificate. If I use normal portforwarding without a HAProxy at ports 80+443 from pfsense to the exchange server everything works properly.

@viragomann Thanks so much for your help. I finally got it working with WAN and LAN

Some sites you need to splice it is complex software to configure. Don't give up you got your splice list keep going...