Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Webserver behind pfSense and port forwarding Port 80

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 519 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Stef_R
      last edited by

      I have a Netgate 6100 used as my main firewall.
      On the 6100 I have installed several packages, like Snort, Squid and ACME for certificate.
      ACME is using port 80 / 443 to connect to the Let's Encrypt Server to automatically renew my certificate. This works great.

      But now I want to have a webserver (and maybe even a second webserver as a filecloud server) behind my firewall.
      However, they all use port 80 / 443.
      What would be the best way to a) keep ACME using the port 80 / 443 for auto renewal of the certificates, b) configure my first webserver to use an alternative port number and c) use my filecloud Server to be accessible from outside my network.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        You can use a reverse proxy, like HAProxy, to send requests to different URLs to different servers behind the firewall. And off-load the SSL to a cert on the proxy if you need to.
        It's quite a complex setup though.

        Steve

        S 1 Reply Last reply Reply Quote 1
        • S
          Stef_R @stephenw10
          last edited by

          Hi @stephenw10
          Many thanks for the quick reply.

          So basically with HAproxy, it looks to the header of a package and based on that info it forwards to the correct Server?

          I am not an expert in this but I do have some basic skills. (And I’m a fast learner :-) ha ha)

          I will take a look at HAproxy and fiddle around with it a bit.

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Take a look at: https://youtu.be/FJSHMyrd29E?t=1299

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.