PfSense + Squid + local network
Hi everybody,
I have been struggling for a few days now with my setup and you are my last chance before leaving everything as it is now...
Installation:
1/PfSense as a FW. Everything that comes from my ISP box goes through it.
Installed in a VM on ESXi.
WAN IP: 192.168.1.10
Lan IP: 192.168.2.1
Acme package is installed and I have a certificate for my domain name and its subdomains

2/Bitwarden set up in Docker in another VM and accessible via 192.168.2.14:32770
No cert installed

3/Nextcloud set up in a jail within FreeNAS, which is itself in another VM.
Nextcloud could be reached via 192.168.2.40:443
No cert installed

I have an OVH domain name . which points to my public IP
I have two subdomains registered bw.. and nc.****. which are also pointing to my public IP

What I am trying to do:
Reach either Nextcloud or Bitwarden through nc.. or bw.. and use the global cert I have in PfSense.
I do not want these VMs to be reachable from outside of my own network

I have followed several howtos using Squid as a reverse proxy and this is definitely working but only when I make port 443 accessible from outside (which I do not want).
In this config, Nextcloud and Bitwarden benefit from the global cert and are reachable via the subdomains mentioned earlier.
If I do not allow connections on 443, I lose the internal access to my VMs.

I also tried using HAProxy but the result is exactly the same.
I do not know where to look anymore...

Does any of you have an idea on how I could reach my target?
I can provide whatever info you consider necessary to understand and fix this.

Many thanks in advance,
Regards,
Antoine