Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HAProxy, error 503

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    1 Posts 1 Posters 96 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • federicopF
      federicop
      last edited by

      I have an IIS server with RDS configured and accessible at rds.mydomain.local, and everything works fine.

      Now, I’d like to connect within the LAN and via VPN using a different mapped domain (still local, since I'm connecting via VPN), to prevent clients from accessing the RDS server directly.

      For example, instead of rds.mydomain.local, I want to use mysite.intra.net.

      Here’s what I’ve configured:

      Backend: points to the RDS server on port 443 (I’ve changed pfSense’s default port), with HTTP health check set to GET /healthcheck.html

      c6f5aa1b-5252-478a-a816-1220171e91b5-immagine.png

      Frontend: listens on a custom IP on pfSense with port 443 SSL, and uses an ACL to match mysite.intra.net and route to the backend

      58068959-7cd6-45f2-b489-3ee275c8a6b0-immagine.png

      7fb6d620-7c52-4b4b-8c0f-f043f75e445a-immagine.png

      132579af-64a1-40e1-a919-08c6bd7de4d3-immagine.png

      6d33c267-b587-455f-9c6c-f6fde3d1a227-immagine.png

      DNS Resolver: configured to resolve mysite.intra.net to the RDS server

      The server seems reachable…

      5700bbd4-4cd4-48fd-9fde-8838034a4159-immagine.png

      …but when I try to open the page, I get a 503 error.
      I’ve tried generating the certificate using both ACME and pfSense's internal CA.

      Any suggestions?

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.