HA Proxy Portainer Agent

Laxarus

I am trying to reverse proxy the edge agent for the portainer but websocket fails to connect. I can see the status of the agent as online but when I try to manually connect agent gives error.

I've tried everything I could think of but I need a little outside help from more experienced people I think.

Some background info:
Portainer uses 9443 for HTTPS and 8000 for WS.

This test environment is all internal but I will later deploy it as remote.
I have successfully added the portainer to my ACL rules and it can be accessed with no problem.
Agent has been deployed to another local docker host and the connection status shows as up on the main portainer page.

When I try to manage the remote machine through my portainer master. I see "Connecting to the Edge environment..." then this error msg "There was an issue connecting to edge agent via tunnel. Click 'Retry' below to retry now, or wait 10 seconds to automatically retry."

On the agent logs on remote machine:
023/07/13 00:12:00 client: Connecting to ws://portainer.mydomain.org:8000
2023/07/13 00:12:10 client: Connection error: dial tcp 10.10.10.10:8000: operation was canceled
2023/07/13 00:12:10 client: Give up

So I see that when I try to initiate a connection from the host, the remote machine tries to open a ws connection but fails. 10.10.10.10 is the virtual ip for the pfsense.

Upon seeing that I have followed following guides but I saw no improvement
https://www.haproxy.com/blog/websockets-load-balancing-with-haproxy

## routing based on Host header
  acl host_ws hdr_beg(Host) -i ws.portainer
  use_backend bk_ws if host_ws

https://portainer-notes.readthedocs.io/en/latest/faq.html

acl portainer   hdr_end(host)   -i portainer.mydomain.org
use_backend     portainer       if portainer

Any help would be appreciated here. I can provide more information if requested.
Everything works fine if I use local IP instead of reverse proxy.