Cannot publish subpages with HAProxy
Lostinbimbo last edited by
My config is like;
WAN (22.214.171.124)-> Juniper FW (192.168.1.75)-> HTTP ->MS ISA Server (192.168.1.253)-> www.test.com (192.168.1.1)
WAN (126.96.36.199)-> Juniper FW (192.168.1.75)-> HTTP ->MS ISA Server (192.168.1.253)-> www.test.com/hello/ (192.168.1.2)
It's very easy to do this with ISA Server but i want to switch Pfsense. So i've installed HAProxy and i can publish www.test.com (192.168.1.1) but couldn't create correct rules for www.test.com/hello/ (192.168.1.2).
Whenever i go for www.test.com/hello/ it goes to 192.168.1.1 instead of 192.168.1.2, can someone help me how to create a correct config. for this setup?
What rules did you make? Can you share the haproxy.cfg ?
Lostinbimbo last edited by
Sorry cant do that but it wouldnt matter anyway because i have no idea how to write config for subpages. I've searched net whole day but couldn't find single example regarding this subject. So if u guys show me some example configs i think i can figure out the rest.
I've created two backends pointing port 80 to 192.168.1.1 and 192.168.1.2. Tried a to create a primary frontend with two shared frontends but no idea how to create correct ACL's to get this work.
Perhaps look at the native haproxy manual:
The way they do it for "/images"
In the haproxy package on pfSense youl need to define an acl to match /images and a usebackend action to then go to the right backend if the acl matches.
Has there been any progress on this I am in the same boat..
If your in the same boat, then look at the same manual as linked above.. Or ask your question is a separate forum thread and i can try to help you there. Maybe i we can try and learn how to fish, instead of giving you a fish..
Sounds like a plan if i work it out all on my own I will defo update this Thread… ;D
Reading other forums etc.. I have come up with the below config, but it does not seem to work… can anyone point out what might be wrong
bind 127.0.0.1:2200 name localstats
stats admin if TRUE
stats uri /haproxy/haproxy_stats.php?haproxystats=1
timeout client 5000
timeout connect 5000
timeout server 5000
bind XXX.XXX.XXX.XXX:443 name XXX.XXX.XXX.XXX:443 ssl crt /var/etc/haproxy/SHFD.pem
bind 192.168.23.1:443 name 192.168.23.1:443 ssl crt /var/etc/haproxy/SHFD.pem
acl https ssl_fc
http-request set-header X-Forwarded-Proto http if !https
http-request set-header X-Forwarded-Proto https if https
timeout client 86400000
acl AURL path_end -i /Automation
use_backend Automation_Server_http_ipvANY if AURL
timeout connect 30000
timeout server 30000
server AutoMate 192.168.23.2:8099
It looks like youve disabled healthchecking on the server, if you enable it for http, does the server show up 'green' on the stats page? If not some info here: https://github.com/PiBa-NL/pfsense-haproxy-package-doc/wiki/haproxy_troubleshooting
Other than that are you sure the path 'ends' on /Automation ? For testing what curl command are you running?
Does http://192.168.23.2:8099/Automation show a (error?)response from the webserver when visited with a browser?
I believe i know what might be wrong but unsure how to fix this… have change the path_end to Path_begins. but also noticed the internal path should be http://192.168.23.2:8099/* Correct me if I am wrong like you point out below it requesting the URL to http://192.168.23.2:8099/Automation internally
Do you know the best way of achieving this?
on the backend i have added the following line to
"Backend pass thru"
reqrep ^([^\ :])\ /Automation/(.) \1\ /\2
This seems to work is it possable to drop off the last forward slash / ?