4. PfSense Reverse Proxy - HAProxy or Squid?

PfSense Reverse Proxy - HAProxy or Squid?

  • K

    Hi All - I was hoping to get some feedback / suggestions about which reverse proxy package available for pfSense 2.3.2 would work best for the following requirements:

    • We have a number of servers/VM's running a web application using Http via TCP 8069 and I need to serve them securely over the web using a single public IP
    • Access each web application / server via a different host 'A' record in a domain - app1.abc.com -> x.x.x.1:8069  app2.abc.com -> x.x.x.2:8069
    • HTTP traffic would be redirected to SSL on the public IP
    • The pfSense router would 'broker' the SSL web traffic - SSL from the web / HTTP inside our LAN

    Would either package be able to handle those requirements? I would much prefer using pfSense as our reverse proxy  rather than installing NginX to protect each web server.

    Squid looks fairly straightforward to implement as reverse proxy, but I have not found a comprehensive tutorial on the web. From what I have read there are a few 'gotchas' which involve having to use the loopback as the proxy destination and/or adding a parameter to the pfSense advanced config (net.inet.ip.portrange.reservedhigh) to enable Squid to proxy ports below 1024

    I have no preference at this point about what to use… thoughts? suggestions?

    0
  • D
    Banned

    HAProxy, hands down.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy