Host-header support in pfSense

canefield

Dear all,

Could somebody inform me if it is possible to host serveral servers behind pfSense based on host-headers -like MS TMG?

Situation:

• one external IP address
• serveral hosting servers

I read some articles that are telling me Varnish can do the job, others say it can not be done with pfSense neither with the package Varnish. What's the truth?

If somebody is indication it can be done…how?
Second, is it also possible te load-balance them based on the host-header?

Thanks in advance,
Canefield

cmb

Nothing built in will do so, several of the packages will do so. Varnish, Apache, Squid reverse proxy possibly, haproxy.

craigduff

I have heard good stories about haproxy and it's been recommended to me. I do want to try and use it but can't really find a guide, about how to do it. Does anyone know of any guides about setting up haproxy with tcp host headers?

marcelloc

Take a look on this doc

http://doc.pfsense.org/index.php/Haproxy_package

Cry Havok

There's also the official documentation.

craigduff

Rather than reading all the documents. Do you know of a step by step guide that someone has made in a blog? or have screen shots with what to do?? For some reason it just doesnt sound easy as some people say it is. Sorry sometimes with all this complex technology it can be alot to take in, and its nice to be spoon fed accasionally. lol

canefield

@craigduff:

Rather than reading all the documents. Do you know of a step by step guide that someone has made in a blog? or have screen shots with what to do?? For some reason it just doesnt sound easy as some people say it is. Sorry sometimes with all this complex technology it can be alot to take in, and its nice to be spoon fed accasionally. lol

Anybody?

Supermule

Could be nice if pfsense had the same user friendlyness as the TMG hey :)

Everything is put together in the same popup window and very easy to configure with everything relevant including host header support via the proxy :)

Supermule

More….

So when wanting to publish a website, then you wont have to move around in PFsense and 3'rd package interfaces if everything is put into one window.

That could be made to apply to NAT and everything else....

Supermule

Furthermore….the test rule button is a wonderful tool when applying rulesets!

Now wouldnt that be nice to have in PFSense :)

canefield

Indeed it would be.
As far as I recall, people are telling me that Varnish and/or even Squid-Reverse could do the job.

Any clue? Know how to setup and configure that? Again, I want to use pfSense only if possible.

Thanks & KR,
Canefield

Supermule

HAProxy should be the best outthere :)

marcelloc

Canefield,

It can be done in pfsense for sure. Haproxy will be easy to configure as it has few configure options and can do http as well https balance/failover.

Do not foget firewall rules to Allow traffic. ;)

Att,
Marcello Coutinho