Reverse Proxy Configuration Problem



  • Dear All,

    I am trying to configure PFSense v.2  as a router for my small network and I have an problem with my reverse proxy configuration using squid.
    My configuration is very simple. I have two network interfaces. One public with WAN ip address and one private (c class network).
    My private network has two apache web servers and I would like to published them via WAN ip address.
    I'm having “Access Denied” from my proxy when I'm trying to access my private web server via public ip address.

    I configured squid via pfsense webgui as following:

    Configuration:
    Services -> Proxy Server-> Reverse Settings ->

    Reverse Proxy Interface: Wan

    External FQDN: firewall.example.com
    (Where firewall my WAN network interface of pfsense)

    Enable HTTP reverse mode: CHECKED

    Peer definitions:
    HOST1;192.168.1.99;80;HTTP
    HOST2;192.168.1.98;80;HTTP
    (where 192.168.1.98 & 192.168.1.99 my internal web servers www1.example.com & www2.example.com)

    URI definitions:
    URI1;www1.example.com;firewall.example.com.
    URI2;www2.example.com;firewall.example.com.
    (where www1.example.com & www2.example.com my internal web servers. Also firewall.example.com has public ip address)

    ACL definitions: HOST1;URI1

    I hope you can help me with this small issue and look forward to your answers.

    Regards,
    APPLICGS



  • Squid can be used as a reverse proxy but was not designed for it.

    you can try:

    • varnish (realy fast but no so easy to configure. balance http)

    • haproxy (recently updated to latest version. balance http and https)

    • pfsenses built in load balancer(easy to configure and balance http and https)

    Sorry for not answering how reverse squid works, I really prefer one of above options.  :)


Log in to reply