@compsmith said in haproxy connectwise control (screen connect) relay internally not working:

DNS resolver has a Host Override with the screen connects subdomain pointing to the lan ip of the pfsense firewall.

Remove this.

@M-Aly I don't know the answer to your problem but I would suggest if you need a reverse proxy that you just use HAProxy.

Not only is HAProxy designed specifically to be a reverse proxy and load balancer, (while it is really only a secondary feature of Squid) netgate have said they are removing Squid from PFSense in the next major version release (presumably 2.8.0) so any time you spend setting this up and getting it working is going to be wasted when Squid is removed... so you might as well set up HAProxy from the beginning.

@bnangle thank you worked great!!

@johnpoz
so practically if or if I have to install the certificate on my nas synology
I handle some networking, but the truth is super weird to believe that there is no possibility that a firewall can not be configured in some existing way so that in tcp load the certificate
because in many forums people want pfsense/haproxy to take care of this, not the nas (for the same reason they don't want to install the certificate on their nas).
I hope to find someday the solution or the firewall or the steps to allow it to somehow load the certificate and not the equipment (nas synology).

you would know how to configure to do it pfsense/haproxy or you really do not know (that's why you give me the simplest option that is repeated in all places)

@justme2 Gotcha, well this is a good start at least. I'm considering the same platform for a proper 10 gigabit system (WAN side with NAT) as my Netgate 6100 isn't keeping up with my new WAN provider. QAT is fairly important for me though as well.

@zari90

9f4edffa-17ca-46b5-a78c-d09c12e60e91-image.png

got it working thanks guys appreciate the replies and the help switch from http to basic and it went green, switched it back to http and it went red then switched to ssl because it has a cert attached with my domain and it worked again

@michaelschefczyk
No issues here. However, I don't use haproxy-devel.

Can you please share a screenshot?

Alguém encontrou solução para este problema?

@KOM thanks for the reply, I love this program, again not many people play around with storeID so I think I have replied to some older posts on it. The caching part of squid is amazing. It’s the $5 or static parts of the text files for the program that lack information on what they do. There is really no explanation on why the database files use that.

it would be REALLY SLICK if someone were to develop a web gui for it, kinda like ntopng where you install clamav and then navigate to a web address:port-number and have a dedicated page for all things clamav..

I doubt there's even a way to request that, along with the considerable resources it would take to develop it.

@JonathanLee said in StoreID and Squid "helper program":

Does anyone work with Store ID?

Unfortunately no, I didn't.. splice all with cache disabled for me.
Squid/Squidguard was just to filter SNI header..

@braunerroei said in Haproxy Reverse proxy to old machine with old cipher:

multitech fax finder FF130

You can just connect a modern computer with your VoIP account from the ISP via App, get a cheap call center (grandstream or something), or even put a pcie pstn modem on a PC, they will all handle fax...Even fax and imaging of Windows can handle that. That thing will never again play with other devices. I read the manual. It's pre-WindowsXP...

@jaoms2024 said in URL Blacklist squidGuard:

http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz

I just updated and it works still

Begin blacklist update Start download. Download archive http://dsi.ut-capitole.fr/blacklists/download/blacklists_for_pfsense.tar.gz Download complete Unpack archive Scan blacklist categories. Found 64 items. Start rebuild DB. Copy DB to workdir. Reconfigure Squid proxy. Blacklist update complete.

@JonathanLee ow, good to hear that 👍

@hhbarnes

Is it better to use HAPROXY with DMZ ?