Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login
    1. Home
    2. Tags
    3. haproxy
    Log in to post
    • All categories
    • B

      pfSense HAProxy Crashing Upon Running Configuration Change

      Cache/Proxy
      • haproxy php8 crash pfsense+ 23.05 • • BowersSystems
      4
      0
      Votes
      4
      Posts
      22
      Views

      V

      My apologies I gave bad advice.

      Documentation is opposite what I suggested. https://docs.netgate.com/pfsense/en/latest/install/upgrade-guide-prepare.html#packages

      Yes I am using haproxy-devel v0.62_13

    • M

      HAProxy with different Frontend and Backend URLs

      Cache/Proxy
      • haproxy • • mr-elamin2
      1
      0
      Votes
      1
      Posts
      279
      Views

      No one has replied

    • G

      HaProxy Reverse Proxy Port Question

      HA/CARP/VIPs
      • haproxy reverse proxy port forwarding • • GameHoundsDev
      1
      0
      Votes
      1
      Posts
      80
      Views

      No one has replied

    • D

      HAProxy: adding map file via GUI?

      Cache/Proxy
      • haproxy • • divemaster90
      3
      0
      Votes
      3
      Posts
      627
      Views

      M

      That would likely need to be a feature request.

    • G

      HaProxy Internal server error main site

      Cache/Proxy
      • haproxy reverse proxy pfsense+ domain ssl • • GameHoundsDev
      2
      0
      Votes
      2
      Posts
      564
      Views

      G

      @gamehoundsdev NVM im a idiot, I forgot to disable a 443 mapping on nat ..

    • J

      How to make HAProxy path use backend (including links/scripts)?

      Cache/Proxy
      • haproxy • • jonathan.young
      4
      0
      Votes
      4
      Posts
      563
      Views

      V

      @jonathan-young
      You can do something like this to insert the /test directory:

      In the backend add an ACL:
      name: notest
      path starts with
      "Not" checked
      value: /test/

      action:
      http-request set-path
      fmt: /test/%[path]
      acl: notest

    • A

      Using SSL offloading to access Services

      Cache/Proxy
      • ssl haproxy nas • • ahole4sure
      2
      0
      Votes
      2
      Posts
      756
      Views

      R

      @ahole4sure no, it is not required if you're using SSL Offloading option on Haproxy frontend. In this case it is better to use http for backend (or issue some internal ssl cert on pfsense for your synology)

    • G

      HAProxy: https redirect frontend not working

      pfSense Packages
      • haproxy • • GCTWorks
      9
      0
      Votes
      9
      Posts
      840
      Views

      G

      @viragomann Oh man! So, I finally figured out the problem. You were correct from the beginning. In fact, nearly every scenario we tried works.

      The problem had nothing to do with my setup. My ISP decided to up and block port 80 all of a sudden without telling me. I figured this out by going back to basics. I started up a simple webserver that listened to port 80 and just forwarded directly to that server. Worked on most every other port except 80. Spent 3 hours on the phone with my ISP to get this fixed.

      All works now.

      I really appreciate the help. I did learn a few things along the way, so not a total waste of time.

    • O

      pfSense, Adguard and haproxy configuration problem

      NAT
      • haproxy adguard dns virtual ip dynamic dns • • O44
      1
      0
      Votes
      1
      Posts
      333
      Views

      No one has replied

    • cukalC

      HAProxy using url table alias

      Cache/Proxy
      • pfblockerng haproxy alias • • cukal
      1
      0
      Votes
      1
      Posts
      231
      Views

      No one has replied

    • PPCMP

      HAProxy : Backend with cookie preserve indirect nocache

      Cache/Proxy
      • haproxy • • PPCM
      1
      0
      Votes
      1
      Posts
      126
      Views

      No one has replied

    • PPCMP

      Backend with cookie preserve indirect nocache

      Cache/Proxy
      • haproxy • • PPCM
      2
      0
      Votes
      2
      Posts
      163
      Views

      PPCMP

      Nobody to help with HAProxy?
      Thanks

    • N

      HAProxy - route by domain name

      pfSense Packages
      • haproxy acl • • nasheayahu
      2
      0
      Votes
      2
      Posts
      788
      Views

      N

      @nasheayahu said in HAProxy - route by domain name:

      wwwkohanyimcom Host matches: no no www.kohanyin.com
      kohanyimcom Host contains: no no kohanyin.com

      I found the problem, my domain was spelled incorrectly... 😧

    • K

      haproxy[4014]: backend activation-backend has no server available!

      Cache/Proxy
      • haproxy • • kcr
      1
      0
      Votes
      1
      Posts
      213
      Views

      No one has replied

    • M

      HAProxy for User Control Panel (UCP) on freepbx

      Cache/Proxy
      • haproxy freepbx • • MattiaIppilito
      4
      0
      Votes
      4
      Posts
      437
      Views

      M

      I added just that one line into the “Global Advanced pass thru” field in the HAproxy Settings tab…applied the configuration changes and it worked immediately. Thanks. How did you do? Many thanks. How can I mark your reply as “solved the problem”!

    • P

      Haproxy service doesn't start

      Cache/Proxy
      • haproxy • • pfuser2
      2
      0
      Votes
      2
      Posts
      290
      Views

      P

      Edit: The last couple of days I have tried to gather some information of why the service won't start. Unfortunately there is not much information that can help me for specific installations on FreeBSD. But I have tried the following commands, with the output I get. I don't know if someone can see why it fails.

      /usr/local/etc/rc.d/haproxy start:
      WARNING: failed precmd routine for haproxy
      /usr/local/etc/rc.d/haproxy enable:
      haproxy enabled in /etc/rc.conf
      /usr/local/etc/rc.d/haproxy status:
      haproxy is not running.
      /usr/local/etc/rc.d/haproxy configtest:
      Configuration file has no error but will not start (no listener) => exit(2).
      haproxy -f /usr/local/etc/haproxy.conf -p /var/run/haproxy.pid:
      [ALERT] 070/102644 (18074) : [haproxy.main()] No enabled listener found (check for 'bind' directives) ! Exiting.

      Also, what I've done so far:

      Set the protocol for the webConfigurator to https Changed the TCP port to something other than 443 Turned on the Disable webConfigurator redirect rule

      Some other information that might be important:

      When I click on the (I don't know what else to call it) play button, the gear will load for a few seconds, then reload and then silently fail. Because the Haproxy service isn't enabled, I can't save the change made in settings of; Enable HAProxy.

      If anyone has an idea of what might be happening, please let me know because I'm out of idea's.

    • L

      HAProxy

      pfSense Packages
      • haproxy • • leumasstudios
      1
      0
      Votes
      1
      Posts
      409
      Views

      No one has replied

    • R

      haproxy http_to_https warning

      Cache/Proxy
      • haproxy • • returntrip
      3
      1
      Votes
      3
      Posts
      1750
      Views

      B

      I was able to solve this by following the HAProxy documentation regarding HTTP to HTTPS redirect.

      Adding unless { ssl_fc } to my ACL action on the front end got rid of the error.

      Now it looks like : scheme https unless { ssl_fc }

      image-01.jpg image-02.jpg

    • M

      redirect http to https and to full URL on HAProxy

      Cache/Proxy
      • haproxy pfsense • • moh10ly
      10
      0
      Votes
      10
      Posts
      1989
      Views

      stephenw10S

      Yeah, you wouldn't want to do that because the backend/frontend need to stay the same protocol.

      But if you want to be able to enter fqdn.com and have that redirect to www.fqdn.com/home/somepage.htm you should be able to. And doing it there prevents HAProxy accidentally overmatching.

      Steve

    • L

      Haproxy settings for patroni... Where to put them

      Cache/Proxy
      • haproxy • • lgwapnitsky
      1
      0
      Votes
      1
      Posts
      234
      Views

      No one has replied

    • F

      Matrix Synapse behind HAProxy on pfSense

      Cache/Proxy
      • haproxy matrix synapse firewall rules • • frostys
      3
      0
      Votes
      3
      Posts
      1253
      Views

      T

      Hi @Baker0052 keen to share your haproxy conf. I have the same problem and cannot figure it out.

    • I

      OpenVPN hinter HAProxy Reverse Proxy - wie?

      Deutsch
      • haproxy openvpn reverse proxy • • iHaveAstream
      15
      0
      Votes
      15
      Posts
      1209
      Views

      nonickN

      @viragomann Dachte ich mir schon, ist aber ist trotzdem schade. Irgendwas ist immer, vor allem wenn etwas einfach umzusetzen ist. Das ganze funktioniert ja überraschend gut, nur das die IP-Adressen von der anfragenden Quelle nicht an den HAProxy weitergereicht werden.

    • MrPeteM

      HAproxy-Devel config GUI bug

      Cache/Proxy
      • haproxy bug backend acl • • MrPete
      1
      0
      Votes
      1
      Posts
      193
      Views

      No one has replied

    • Leaderbot_X400L

      HAproxy return 403 or pfsense webGUI overides port 80

      Cache/Proxy
      • haproxy • • Leaderbot_X400
      1
      0
      Votes
      1
      Posts
      164
      Views

      No one has replied

    • V

      Host becomes unreachable after haproxy

      Cache/Proxy
      • haproxy • • valepe69
      7
      0
      Votes
      7
      Posts
      453
      Views

      viktor_gV

      @piba see also https://github.com/pfsense/FreeBSD-ports/pull/1066

    • sparklyballsS

      Haproxy OCSP stapling PfSense 2.5

      pfSense Packages
      • haproxy pfsense 2.5 • • sparklyballs
      3
      0
      Votes
      3
      Posts
      360
      Views

      sparklyballsS

      @piba

      So after reading your comment, I installed the devel package and after working out the differences I needed to make that were version related, my OCSP stapling is now working again.

      Thanks for the help.

    • E

      2.4.5_1 PHP Error installing HAProxy

      pfSense Packages
      • php error haproxy package install • • entropywrench
      8
      0
      Votes
      8
      Posts
      493
      Views

      E

      @piba said in 2.4.5_1 PHP Error installing HAProxy:

      unset($config['installedpackages']['haproxy']);
      write_config("fix haproxy install, remove empty config");
      print("config fixed?");

      By Jove Sir, I think you got it.

      I was able to install HaProxy.

    • C

      HAPROXY ACL match host and path

      HA/CARP/VIPs
      • haproxy acl • • chris-net
      5
      0
      Votes
      5
      Posts
      2388
      Views

      C

      that looks like solution.

      Thank you for the quick response

    • S

      HA-Proxy für EcoDMS Webclient

      Deutsch
      • haproxy ecodms • • sioren1998
      1
      0
      Votes
      1
      Posts
      68
      Views

      No one has replied

    • T

      Reverse proxy with HAProxy pointing to the firewall

      Traffic Shaping
      • haproxy • • twrigglesworth-tww
      7
      0
      Votes
      7
      Posts
      219
      Views

      T

      @noplan said in Reverse proxy with HAProxy pointing to the firewall:

      @Bob-Dig

      Oh yes... I forgot that one

      Move to something like 99443
      Nothing like 80443 0r 8080

      Smashed it out of the park =D thanks for that, needed to do some reading but moving the port seemed to do the trick.

    • K

      HAProxy not working for root domain, but for subdomains only

      Cache/Proxy
      • haproxy • • Kenneth_H
      4
      0
      Votes
      4
      Posts
      826
      Views

      P

      @planetinse
      Don't ask, read..
      If the certificate is valid for the root domain, then its probably due to the acl's that get added, either check both boxes for checking subject/san, or uncheck them that should allow traffic to pass to the (default) backend. That is assuming you have indeed the same issue, if not, start a different topic please.

    • M

      [SOLVED] HAProxy error after upgrade to 2.4.5-RELEASE

      Cache/Proxy
      • haproxy ssl • • Matt2
      1
      0
      Votes
      1
      Posts
      514
      Views

      No one has replied

    • P

      cant get access from outside to webpage

      General pfSense Questions
      • haproxy acme firewall rules • • pooperman
      19
      0
      Votes
      19
      Posts
      445
      Views

      P

      @pooperman

      there is some issue with SSL handshake:

      1.JPG

    • S

      HAProxy not routing multiple internal hosts to one public IP

      Cache/Proxy
      • haproxy reverse proxy proxy routing • • strongthany
      8
      0
      Votes
      8
      Posts
      1008
      Views

      S

      @PiBa Good news, I got it to work! I did as you suggested and got a self signed certificate on the server using this guide. After that HAProxy is able to route traffic to the host. It even works with the Let's Encrypt wildcard cert I have through the ACME package, so there's no cert errors getting to the site. Thank you for the help again.

    • P

      HAproxy service cannot start - pfSense 2.4.4

      pfSense Packages
      • haproxy service start permissions • • phoadm
      2
      0
      Votes
      2
      Posts
      814
      Views

      P

      @phoadm
      Have you configured the haproxy webgui to 'monitor' a carp interface? If so it wont start on that node until that node becomes master.

    • P

      install treafik on pfsense

      Cache/Proxy
      • proxy haproxy traefik • • PackElend
      1
      0
      Votes
      1
      Posts
      1211
      Views

      No one has replied

    • L

      HAProxy leaving IPFW rule after removing backend or uninstall

      Cache/Proxy
      • haproxy • • lido14
      2
      0
      Votes
      2
      Posts
      276
      Views

      P

      @lido14
      'Normally' IPFW is not running when only pfSense is used without captive-portal..

      The quickest fix is probably to give pfSense a reboot.. Haproxy loads and configures IPFW if it 'needs' transparent-client-ip with its current config settings.. If none of the backends require this the IPFW related configuration code is likely completely skipped. It does not remember that it still needs to disable the old ipfw settings.... I guess i need to set a little 'flag' that transparent-client-ip was used and check that to remove the last rules if the current config doesn't use it anymore.. I'm not sure if unloading ipfw itself is possible.. i think there was a issue there...

    • S

      Increase HAProxy Backend Server Session Limit

      Cache/Proxy
      • haproxy • • stjohnp89
      6
      0
      Votes
      6
      Posts
      1774
      Views

      N

      @crowfather

      I get that the backend limit is 1/10th the front end... but still not sure what this resolves.

      If you set the front-end to 500 does that mean the back-end is really 500 but is only showing 50. Should we be setting it to 10X the value we want or is it that it only incorrectly displays this way?

      --Nikolaos

    • G

      HA Proxy with TLS 1.3

      Cache/Proxy
      • haproxy • • gerby123
      2
      0
      Votes
      2
      Posts
      1611
      Views

      jimpJ

      TLS 1.3 will require OpenSSL 1.1.x, which is only currently available on pfSense 2.5.0 development snapshots. Though it does look like net/haproxy-devel is at 2.0-dev2 on the branch used for pfSense 2.5.0 development, but the pfSense haproxy-devel package doesn't use it (yet).

      I'm not aware of any plans to switch that over yet, but it's probably just a matter of time.