HAProxy Listen On LAN - Pass Internal Traffic Through Proxy

  • So here is my setup:

    WAN - DHCP - Public IP

    LAN - xxx.xxx.1.0/24
    VLAN 10 - xxx.xxx.10.0/24
    VLAN 20 - xxx.xxx.20.0/24

    HAProxy Frontends

    HTTP-HTTPS redirect - Listen on WAN - Public IP port 80
    Shared HTTPS - Listen on WAN - Public IP 443

    Uses ACME Certificate Package

    HAProxy Backends

    Service 01 - LAN VLAN
    Service 02 - LAN VLAN
    Service 03 - LAN VLAN


    I can access my services externally, and they work well, however I would like to be able to pass the traffic from VLANs 10 & 20 through the frontend of HAProxy so that I have SSL without having to manually install and update the certs when they expire, as well as just being able to use the FQDN instead of adding the port numbers as well.

    I have tried adding the any (IPv4) to the two frontends but that doesn't seem to work.
    I have tried adding VLAN 10 etc to the frontends instead and that doesn't work.

    Can anyone give me any ideas as to what I am doing wrong?

    I saw something about Transparent Client IP, but the servers are on a different subnet to the clients and I have Pure NAT enabled in the PFsense settings...

    I have spent more time than I care to admit on Google trying to find answers, so if someone can help out I will be forever grateful.


  • Did you figure this out? When I do, I'll post my response here.

Log in to reply