Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Web: Problem with conflict of two NAT rules

    Scheduled Pinned Locked Moved NAT
    6 Posts 3 Posters 890 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JoeFjell
      last edited by

      Hi,
      We have an exchangeserver with an internal IP address (A), and a webserver with another internal IP address (B). They are on different machines.

      Both have certificate, and both uses port 443. How do you solve this on a pfsense firewall with one external IP address?

      I mean, if someone visits our webpage and a call is made through our firewall and it must be directed to B.
      And a mail is sent through the firewall and it must be directed to A. Is there a way to sense where it should be directed?

      All I can see is that I can work with ports and protocols.

      Oh, and we don't want to fix it by using another port for the webserver so our visitors have to type in https://domain.com:[PORTNUMBER]. It still should be https://domain.com

      /Joe

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        Use a reverse proxy with SNI support (would suggest haproxy for this).

        1 Reply Last reply Reply Quote 0
        • J
          JoeFjell
          last edited by

          Thank's doktornotor  :)
          I will try your solution.

          /Joe

          1 Reply Last reply Reply Quote 0
          • J
            JoeFjell
            last edited by

            I am sorry but I can't get it to work.
            I have tried the HAProxy and also squid.
            Squid also seem to cache and I don't want that feature.

            Is there any guide out there that I have missed?

            1 Reply Last reply Reply Quote 0
            • KOMK
              KOM
              last edited by

              https://doc.pfsense.org/index.php/Haproxy_package

              1 Reply Last reply Reply Quote 0
              • D
                doktornotor Banned
                last edited by

                And https://github.com/PiBa-NL/pfsense-haproxy-package-doc/wiki

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.