Pfsense nat and certificate let'sencrypt

frankz

Hello everyone , I wanted to know if there is a way to deploy port 443 and port 80 on multiple hosts that are in LAN .

For years I have been using the dnat of the 80 and 443 on a server in LAN, where lets' encrypt is installed on this server. I would need to install 2 more servers in LAN and request the certificate ( I use noip.com free and hoi only 3 ip hostname ) . How can I do it? So at the moment I'm limited to dnat on only one host .

viragomann

@frankz
You would need the HAproxy and ACME package on pfSense. ACME manages the Let's encrypt certificates and in HAproxy (HTTP mode) you can add rules to redirect requests to different backend servers according to the host header value.
The backend servers don't need to do TLS then.

frankz

@viragomann
Thank you, I imagined! Where do I find a configuration example?

viragomann

@frankz
For a quick start this Lawrence video may help: https://www.youtube.com/watch?v=gVOEdt-BHDY

It should cover all what you need for above aims.