Can i whitelist ip addresses before passing https traffic to haproxy?
-
Hi ,
I have haproxy configured on my firewall. Can i whitelist ip addresses before passing https traffic to haproxy? Could someone please guide ?
Regards,
Justin X. -
@justinxa said in Can i whitelist ip addresses before passing https traffic to haproxy?:
I have haproxy configured on my firewall. Can i whitelist ip addresses before passing https traffic to haproxy? Could someone please guide ?
Regards,
Justin X.What do you mean with whitelist? You can configure a firewall rule on your haproxy interface (WAN?) to allow only special ip addresses.
-
Thanks for the reply,
My main issue is that i am unable to add headers to ssl mode traffic at the haproxy Frontend. How can i achieve that? Because after the traffic passes, post backend then i am not able to get the original source ipaddres. It only returns the LAN ipv4 address of the F/W interface. All response and support are appreciated.
Regards,
Justin -
@justinxa if you need the original source address, please enable the "forwardfor" option under Advanced settings in your Frontend configuration.
-
@bepo Thanks for the response. The advanced settings for the frontend configuration is as shown in the snap.
But i cant find that forwardfor option. Could you please guide me here? Thanks.
Regards,
Justin X. -
@justinxa strange. It should be located in this setting.
https://sysadms.de/wp-content/uploads/2018/10/httpsfrontend.png
(https://sysadms.de/2018/10/pfsense-haproxy-als-reverse-proxy/)Here you can see this setting. Maybe you should check the other settings an why this checkbox is missing.
Kind regards
-
I got it. You should use the (http / https offloading) setting in the Edit HAProxy Frontend section.
-
@bepo Thanks for the response.
Let me try this option again. Previously i had tried http/https option before ssl/https mode. but i wasnt able to configure it properly.
Regards,
Justin X. -
@bepo Thanks bepo it really solved my issue
-
Nice! I am happy that this helped you! :-)
Please dont forget to upvote