Url based port forward

Mr.Fw · Mar 5, 2010, 1:41 PM

Hi Everyone,

I have 2 web servers that connected to same network.
I need that when someone from the outside browse to a.domain.com will be forwarded to web server 1
and when someone browse to b.domain.com will be forwarded to web server 2

both of them using 2 different internal IPs
and the port for both servers should be 80.

is it possible to do that with pfsense?

Thanks! :)

Mr.Fw

GruensFroeschli · Mar 5, 2010, 1:57 PM

No this is not possible with pfSense. (however i'm not sure if one of the available packages can add this functionality).

But depending on which webserver you're using you might also be able to set up virtual domains and redirect internally from server to server.

Mr.Fw · Mar 5, 2010, 2:16 PM

the problem is that i use 2 different web servers.

is it not possible to to that somehow with pfsense?
maybe use some kind of a reverse proxy?

jimp · Mar 5, 2010, 4:28 PM

I think the HAProxy package can do this, but it still has some rough edges.

DWAyotte · Mar 5, 2010, 10:00 PM

you should go check out nginx.
it is about the most simple reverse proxy in existance and it works beautifully.

all you have to do is forward port 80 to nginx, create route rules based on the domain name to internal servers and done. it can offload any ssl processing as well, it can also reverse proxy folders, so you could have domin.com go to your webserver and domain.com/download go to your fileserver farm, etc etc.
easiest thing to do is run in in VM like ESXi, takes little to no resources and is fast.

Guest · Mar 6, 2010, 4:21 AM

This should be solvable without anything fancy. Each website is on its own unique IP? Set up DNS and 1:1 NAT. Problem solved.

Mr.Fw · Mar 6, 2010, 4:52 PM

@submicron:

This should be solvable without anything fancy. Each website is on its own unique IP? Set up DNS and 1:1 NAT. Problem solved.

each website has its own unique internal ip,
but externally they're sharing one WAN ip.

Thanks ;)

sullrich · Mar 6, 2010, 10:57 PM

modsecurity package can do this.

Mr.Fw · Mar 22, 2010, 7:22 PM

Hi everyone,

its been a while..

anyway, i've installed the "modsecurity" package and this is what i get:

**Forbidden

You don't have permission to access /index.php on this server.**

nothing else was changed except for the package installation.

even after reboot - still the same.

please help me,
my dmz is offline ???

Steve Mustafa · Jun 18, 2010, 4:24 PM

I've been having pretty much the same damned issue.

Its a shame seeing that something like this is not integrated tightly with PFsense as a firewall, that would make PFsense insanely awesome.