• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Problem with HAProxy transparent mode

Scheduled Pinned Locked Moved Firewalling
4 Posts 2 Posters 475 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • L
    Luck Besozzi
    last edited by May 14, 2021, 8:24 AM

    Hi,

    I need to activate Transpartent Mode on HAProxy because I need to see the public IP of customers browsing my websites.
    However, by activating it all the other sites that are not on the public IP managed by the haproxy stop working.

    How can I solve?

    Thanks

    1 Reply Last reply Reply Quote 0
    • L
      Luck Besozzi
      last edited by Jun 4, 2021, 2:17 PM

      Hi,

      anyone can help me?

      V 1 Reply Last reply Jun 4, 2021, 5:28 PM Reply Quote 0
      • V
        viragomann @Luck Besozzi
        last edited by viragomann Jun 4, 2021, 5:29 PM Jun 4, 2021, 5:28 PM

        @luck-besozzi
        This by design.
        Read the warning hint at Transparent ClientIP:

        WARNING Activating this option will load rules in IPFW and might interfere with CaptivePortal and possibly other services due to the way server return traffic must be 'captured' with a automatically created fwd rule. This also breaks directly accessing the (web)server on the ports configured above. Also a automatic sloppy pf rule is made to allow HAProxy to server traffic.
        Workaround exists only by configuring a second port or IP on the destination server for direct access of the website.
        Having this option enabled also means that a client on the same subnet as the server wont be able to connect.

        L 1 Reply Last reply Jun 10, 2021, 2:34 PM Reply Quote 1
        • L
          Luck Besozzi @viragomann
          last edited by Jun 10, 2021, 2:34 PM

          @viragomann
          So we set up another Front / Backend for sites that were not previously managed by haproxy.
          Everything works fine except the websocket connection.
          The strange thing is that the websocket connection no longer works even on the other local virtual machines on the LAN (which are not web servers).

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received