Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Host-header support in pfSense

    Scheduled Pinned Locked Moved NAT
    13 Posts 6 Posters 6.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      canefield
      last edited by

      Dear all,

      Could somebody inform me if it is possible to host serveral servers behind pfSense based on host-headers -like MS TMG?

      Situation:

      • one external IP address
      • serveral hosting servers

      I read some articles that are telling me Varnish can do the job, others say it can not be done with pfSense neither with the package Varnish. What's the truth?

      If somebody is indication it can be done…how?
      Second, is it also possible te load-balance them based on the host-header?

      Thanks in advance,
      Canefield

      1 Reply Last reply Reply Quote 0
      • C
        cmb
        last edited by

        Nothing built in will do so, several of the packages will do so. Varnish, Apache, Squid reverse proxy possibly, haproxy.

        1 Reply Last reply Reply Quote 0
        • C
          craigduff
          last edited by

          I have heard good stories about haproxy and it's been recommended to me. I do want to try and use it but can't really find a guide, about how to do it. Does anyone know of any guides about setting up haproxy with tcp host headers?

          Kind Regards,
          Craig

          1 Reply Last reply Reply Quote 0
          • marcellocM
            marcelloc
            last edited by

            Take a look on this doc

            http://doc.pfsense.org/index.php/Haproxy_package

            Treinamentos de Elite: http://sys-squad.com

            Help a community developer! ;D

            1 Reply Last reply Reply Quote 0
            • Cry HavokC
              Cry Havok
              last edited by

              There's also the official documentation.

              1 Reply Last reply Reply Quote 0
              • C
                craigduff
                last edited by

                Rather than reading all the documents. Do you know of a step by step guide that someone has made in a blog? or have screen shots with what to do?? For some reason it just doesnt sound easy as some people say it is. Sorry sometimes with all this complex technology it can be alot to take in, and its nice to be spoon fed accasionally. lol

                Kind Regards,
                Craig

                1 Reply Last reply Reply Quote 0
                • C
                  canefield
                  last edited by

                  @craigduff:

                  Rather than reading all the documents. Do you know of a step by step guide that someone has made in a blog? or have screen shots with what to do?? For some reason it just doesnt sound easy as some people say it is. Sorry sometimes with all this complex technology it can be alot to take in, and its nice to be spoon fed accasionally. lol

                  Anybody?

                  1 Reply Last reply Reply Quote 0
                  • S
                    Supermule Banned
                    last edited by

                    Could be nice if pfsense had the same user friendlyness as the TMG hey :)

                    Everything is put together in the same popup window and very easy to configure with everything relevant including host header support via the proxy :)

                    general.jpg
                    general.jpg_thumb
                    listener.jpg
                    listener.jpg_thumb
                    publicname.jpg
                    publicname.jpg_thumb
                    traffic.jpg
                    traffic.jpg_thumb

                    1 Reply Last reply Reply Quote 0
                    • S
                      Supermule Banned
                      last edited by

                      More….

                      So when wanting to publish a website, then you wont have to move around in PFsense and 3'rd package interfaces if everything is put into one window.

                      That could be made to apply to NAT and everything else....

                      action.jpg
                      action.jpg_thumb
                      linktranslation.jpg
                      linktranslation.jpg_thumb
                      schedule.jpg
                      schedule.jpg_thumb

                      1 Reply Last reply Reply Quote 0
                      • S
                        Supermule Banned
                        last edited by

                        Furthermore….the test rule button is a wonderful tool when applying rulesets!

                        Now wouldnt that be nice to have in PFSense :)

                        1 Reply Last reply Reply Quote 0
                        • C
                          canefield
                          last edited by

                          Indeed it would be.
                          As far as I recall, people are telling me that Varnish and/or even Squid-Reverse could do the job.

                          Any clue? Know how to setup and configure that? Again, I want to use pfSense only if possible.

                          Thanks & KR,
                          Canefield

                          1 Reply Last reply Reply Quote 0
                          • S
                            Supermule Banned
                            last edited by

                            HAProxy should be the best outthere :)

                            1 Reply Last reply Reply Quote 0
                            • marcellocM
                              marcelloc
                              last edited by

                              Canefield,

                              It can be done in pfsense for sure. Haproxy will be easy to configure as it has few configure options and can do http as well https balance/failover.

                              Do not foget firewall rules to Allow traffic. ;)

                              Att,
                              Marcello Coutinho

                              Treinamentos de Elite: http://sys-squad.com

                              Help a community developer! ;D

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.