Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    webUI and HAProxy on port 443 - Binding to specific CARP IP's

    Scheduled Pinned Locked Moved webGUI
    3 Posts 2 Posters 639 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      ben-ihelputech
      last edited by

      Re: Bind webGUI only to certain interfaces

      Use CARP IP's to bind HAProxy to Specific IP/Interface

      Hello! I was curious if anyone has had any experience with running HA Proxy while keeping the webUI on port 443. My first thought was to bind the webUI to specific interfaces/IP's but that doesn't seem to be possible. It seems like the simple and recommended solution would be to change the pfSense webUI port to something other than 443, but I don't want to do that.

      Ideal Scenario

      firewall a: 192.168.1.2
      firewall b: 192.168.1.3
      CARP LAN IP: 192.168.1.1
      HA Proxy VIP: 192.168.1.254
      

      https://192.168.1.2 and https://192.168.1.3 go to the respective webui for each firewall
      https://privateserver.example.com resolves to 192.168.1.254 and HA proxy serves the local web page.

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @ben-ihelputech
        last edited by

        @ben-ihelputech said in webUI and HAProxy on port 443 - Binding to specific CARP IP's:

        It seems like the simple and recommended solution would be to change the pfSense webUI port to something other than 443

        You could change the WebUI port to something else and still use HAproxy to access both of them by using friendly host names.

        B 1 Reply Last reply Reply Quote 0
        • B
          ben-ihelputech @viragomann
          last edited by

          @viragomann That would make more sense than trying to manual edit nginx rules make it work. It would be nice if they added the ability to bind the webui to specific interfaces in the future but I imagine that this is a pretty niche use case. I'll give your suggestion a shot and see what happens.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.