Pfsense on Lan only for haproxy: WAN configuration



  • Hello, sorry maybe for the dumb question but…
    i have this situation: i have some internal webserver, mixed http and https.
    Actually i have a box with apache2 as reverse proxy right behind the company main (and unique) firewall:

    ISP --> ISP_router --> firewall (kerio control) --> apache2_reverseproxy ---> multiple VMs with web services

    On the firewall i have a route to redirect all the traffic incoming from 1 WAN IP to the apache2 reverse proxy machine. Then via AWS Route53 DNS i managed the subdomains for the web services. When i put on live the pfsense machine with haproxy the plan is to modify the router to let point the 1 WAN IP to the new LAN ip of pfsense machine.

    I want to use pfsense with haproxy to have a nice web interface (instead of CLI) to manage reverse proxies and the pfsense latest integration with letsencrypt for CA.

    I have only this question: how i need to configure the WAN interface on pfsense? I have all now on a 10.0.10.0/24 network (all the servers, so the interface lan side of the firewall, all the servers and VMs with web services).
    Is right to configure only a LAN interface in PfSense with a 10.0.10.0/24 ip and deactivate the WAN interface? And set HAProxy frontends to listen only to LAN interface?

    I Ask becouse after some configuration (basic acme plugin working with 2 subdomain and 2 haproxy frontend running to 2 backend) i lost connection to https webgui and i had to reset pfsense machine completely...
    Thanks a lot