• hello I have to manage access to multiple webservers with pfsense.
    I have installed squid, and I configured the reverse proxy.
    I have created two dns: example1.domain.com and example2.domani.com, that link both at the pfsense WAN IP.
    In reverse proxy I configured the parameters (see attachments).
    When I type outside example1.domain.com everything works.
    When I type outside example2.domain.com he replies example1.domain.com
    I do not understand where my configuration is incorrect.
    I hope that someone has already solved this problem and can help me out.
    ![FIREWALL CONFIGURATION-page-001.jpg](/public/imported_attachments/1/FIREWALL CONFIGURATION-page-001.jpg)
    ![FIREWALL CONFIGURATION-page-001.jpg_thumb](/public/imported_attachments/1/FIREWALL CONFIGURATION-page-001.jpg_thumb)
    ![FIREWALL CONFIGURATION-page-002.jpg](/public/imported_attachments/1/FIREWALL CONFIGURATION-page-002.jpg)
    ![FIREWALL CONFIGURATION-page-002.jpg_thumb](/public/imported_attachments/1/FIREWALL CONFIGURATION-page-002.jpg_thumb)

  • Banned

    Congrats on censoring every single piece of useful info from the "screenshots". Now, go help yourself.

  • I've had Squid setup as reverse proxy.
    I've also had Apache, Varnish, Nginx and others setup as a reverse proxy.

    HAProxy is superior to all of them (Although most of them are officially webservers).
    Varnish is more like a caching server and Squid is better to be used for serving OUTGOING requests.
    (To me Squid OUTGOING has been a pain)

    Do yourself a favour and start using HAProxy and read the doc's well.

    It can even do:

    • SSL Offloading (Which works magic with the ACME tool)
    • Load balancing
    • HA Failover
    • Advanced redirects
    • Proxying for TCP (so not just HTTP)

    Actually doktornotor helped me out several times in the past on the Squid package (he used to maintain it)
    I'm not really sure what his opinion is on HAProxy though but I switched to it in an afternoon with around 20 websites and slowly adopted features like SSL offloading and more advanced ACL rules.

  • Banned

    Yeah, for reverse proxy HAproxy is strongly preferred. Much more flexible than Squid.