HA Proxy with multiple Public IP's
-
Hello,
I have a private web_server running on port 80. I would like to have pfsense terminate the ssl cert and then redirect traffic to the internal server. I have a /27 configured on my firewall and I would like to use one of my unused IP's for this. I am using the video below as a reference.
https://forums.serverbuilds.net/t/guide-reverse-proxy-via-haproxy-acme-on-pfsense/3513
When I configure the HAProxy frontend. I am doing the frontend section. I called the name "https_shared" I am setting "external address -> Listen address" to custom addrress and then putting my public IP there and setting the port to 443 with SSL offloading. When I attempt to save the settings, I get the following error message. If I select the WAN Address, it works, but I dont want to use that IP.
"
[NOTICE] (62594) : haproxy version is 2.8.3-86e043a
[NOTICE] (62594) : path to executable is /usr/local/sbin/haproxy
[ALERT] (62594) : Binding [/var/etc/haproxy/haproxy.cfg:27] for frontend https_shared-merged: cannot bind socket (Can't assign requested address) for [1.2.3.19:443]
[ALERT] (62594) : [/usr/local/sbin/haproxy.main()] Some protocols failed to start their listeners! Exiting.
"Any suggestions?
Thanks,
-
Have you added an IPAlias VIP for that IP address on the WAN?
-
Yes. I have tried it with that as well and getting the same error message. I saw on the bottom a note that said that I had to do that. I added that ip as an alias and the same thing.
-
Is the VIP valid? Can you ping out from it in Diag > Ping?
-
Found my issue. I had the wrong IP set in the backend.
thanks,
