Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Forward Web Proxy on NAT interface

    Scheduled Pinned Locked Moved NAT
    4 Posts 3 Posters 622 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      shawty
      last edited by

      Hi New pfSense user here.

      Finally got sick of my ISP supplied mega efficent state of the art router (Which broke down and cried at anything of 10Mbs - sold for a 20mb residential connection), and built my self a pfSense box. [And Loving it]

      I'm not a newbie in the networking an I.T game (I'm an ex GSM/I.P networks engineer for Orange UK) , I am however a little wet behind the ears with pfSense and would like a little advice from the community if at all possible.

      With my current setup I have a port forward on my WAN side that opens WWW (and Soon HTTPS WWW too) and funnels it into my forward proxy.  The forward proxy is currently running on Lighty [Light Httpd] (On a sparc T1 of all things :0)  ) and that decides based on the domain name coming in, which web application server to proxy the request too.

      Basically I have the following:

      INTERNET –> WAN(80) --> [pfSense using port forward] –> LAN(xx) --> Sparc(IF1-80) --> [Lighty domain check] –> Sparc(IF2-xx) --> Other web servers

      What I'd like to do if at all possible, is move the functionality provided by the Sparc onto the pfSense box (It's a twin core 3.02ghz P4 w 2gb Ram) and then retire the Sparc, as it's starting to get quite unreliable (It's close to being the same age as me!!!) :-)

      What I want to achieve is:

      INTERNET --> WAN(80) --> [pfSense - www domain check (Send to appropriate Web server via Lan side)] [pfSense Normal routing for everything else] –> LAN(xx)

      I do have 3 NIC's in the pfSense box, one which is currently set up as optional IF 1, but is not in use (IE: NO cable plugged in)

      If it's not possible to have pfS accept traffic direct into a web forwarder on 80, then that's fine, I'll figure out other ways, Iv'e had a poke around in pfS, I can see it's just BSD under the hood, so I could probably modify the OS install manually to do this, I can't see any of the plugins that jump out and suggest they are the ones to use, so before I end up kill my pfS box, has anyone got any thoughts on a way I can achieve this?

      Cheers
      Shawty

      1 Reply Last reply Reply Quote 0
      • S
        shawty
        last edited by

        No one have any ideas how I can achieve this then?

        1 Reply Last reply Reply Quote 0
        • GrimsonG
          Grimson Banned
          last edited by

          You may want to look into the right part of the forum: https://forum.pfsense.org/index.php?board=60.0 and read the existing posts.

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            Yes you can install reverse proxy package on pfsense to provide that function, ie look at fqdn your trying to hit and send to specific IP behind pfsense.  The section Grimson linked too is prob the better place for such questions..

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.