Using HAProxy to redirect WAN port 80 to WAN Port 443 using webconfigurator



  • I have HAProxy working with two backends doing SSL offload. It works well.

    But I would like to redirect all WAN port 80 traffic to the WAN SSL port 443.

    I found this thread over one stackoverflow showing how to do this:
    https://stackoverflow.com/questions/13227544/haproxy-redirecting-http-to-https-ssl

    It puts the following line in each of the front end configs:
    redirect scheme https code 301 if !{ ssl_fc }

    After reading the docs, I think this is what I need.

    How do I add this line through the pfSense web GUI?

    I see where you can add global options but not to each frontend… or am I missing it???

    Any help or pointers would be appreciated.

    Bob


  • Banned

    What I'm doing here is:

    1/ Create a http frontend on port 80.
    Create ACLs there to match your hosts (Host matches)
    Action:

    • http-request redirect
    • rule: scheme https code 301
    • ACLs: as needed

    2/ Create a dummy backend (see screenshot)
    3/ Set the dummy backend as default for your other frontends.
    4/ (Optional: Create some fancy 503 error page to serve for the dummy backend.)




  • Thanks for responding but I'm missing something…. I keep getting:

    The field 'Name' contains invalid characters.

    The WAN traffic incoming to WAN port 80 is redirected WAN port 443.

    What would the acl's be then?

    I must not have read enough of the docs  :(


  • Banned

    @tazmo:

    The field 'Name' contains invalid characters.

    Huh? What are you putting there?



  • fat fingered it…. had a space.

    I think that got it... I'll test in a little while.

    Thank you for the response!



  • @tazmo

    I have Pfsense with HAProxy installed in it .can u guide how to do load balance between two AWS EC2 Web server Instance with SSL. Even i have SSL purchased from the 3rd party tool.