[Solved] HaProxy not working/port Issue

manjotsc

@PiBa Thanks, Port Situation is fixed now, but I am getting this error now, for my pfsense

# Automaticaly generated, dont edit manually.
# Generated on: 2020-03-18 08:29
global
	maxconn			1000
	stats socket /tmp/haproxy.socket level admin 
	uid			80
	gid			80
	nbproc			1
	hard-stop-after		15m
	chroot				/tmp/haproxy_chroot
	daemon
	tune.ssl.default-dh-param	2048
	server-state-file /tmp/haproxy_server_state

listen HAProxyLocalStats
	bind 127.0.0.1:2200 name localstats
	mode http
	stats enable
	stats admin if TRUE
	stats show-legends
	stats uri /haproxy/haproxy_stats.php?haproxystats=1
	timeout client 5000
	timeout connect 5000
	timeout server 5000

frontend FrontEndProxy
	bind			147.253.151.155:443 name 147.253.151.155:443   ssl crt-list /var/etc/haproxy/FrontEndProxy.crt_list  
	mode			http
	log			global
	option			http-keep-alive
	timeout client		30000
	acl			auth	var(txn.txnhost) -m str -i auth.manjot.net
	acl			speed	var(txn.txnhost) -m str -i speed.manjot.net
	acl			pfsense	var(txn.txnhost) -m str -i pfsense.manjot.net
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^([^\.]*)\.manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^auth\.manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^www\.auth\.manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^speed\.manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^ntopng\.manjot\.net(:([0-9]){1,5})?$
	acl			aclcrt_FrontEndProxy	var(txn.txnhost) -m reg -i ^pfsense\.manjot\.net(:([0-9]){1,5})?$
	http-request set-var(txn.txnhost) hdr(host)
	use_backend Auth_ipvANY  if  auth aclcrt_FrontEndProxy
	use_backend Speed_ipvANY  if  speed aclcrt_FrontEndProxy
	use_backend PfSense_ipvANY  if  pfsense aclcrt_FrontEndProxy

backend Auth_ipvANY
	mode			http
	id			102
	log			global
	timeout connect		30000
	timeout server		30000
	retries			3
	option			httpchk OPTIONS / 
	server			auth 192.168.40.73:443 id 103 ssl check inter 1000  verify none crt /var/etc/haproxy/server_clientcert_5d2d8e0f67246.pem 

backend Speed_ipvANY
	mode			http
	id			106
	log			global
	timeout connect		30000
	timeout server		30000
	retries			3
	option			httpchk OPTIONS / 
	server			speed 192.168.40.74:443 id 103 ssl check inter 1000  verify none crt /var/etc/haproxy/server_clientcert_5daf9c80e7570.pem 

backend PfSense_ipvANY
	mode			http
	id			104
	log			global
	timeout connect		30000
	timeout server		30000
	retries			3
	option			httpchk OPTIONS / 
	server			pfsense 192.168.40.1:4077 id 105 ssl check inter 1000  verify none crt /var/etc/haproxy/server_clientcert_5daf809d44c6d.pem

PiBa

@manjotsc

The 'not allowed' message usually tels that a wrong method was used in the request. In this case change the OPTIONS to HEAD. And it should become 'green'.

manjotsc

@PiBa Thank you very much, for all the support you provided.