Host-header support in pfSense



  • Dear all,

    Could somebody inform me if it is possible to host serveral servers behind pfSense based on host-headers -like MS TMG?

    Situation:

    • one external IP address
    • serveral hosting servers

    I read some articles that are telling me Varnish can do the job, others say it can not be done with pfSense neither with the package Varnish. What's the truth?

    If somebody is indication it can be done…how?
    Second, is it also possible te load-balance them based on the host-header?

    Thanks in advance,
    Canefield



  • Nothing built in will do so, several of the packages will do so. Varnish, Apache, Squid reverse proxy possibly, haproxy.



  • I have heard good stories about haproxy and it's been recommended to me. I do want to try and use it but can't really find a guide, about how to do it. Does anyone know of any guides about setting up haproxy with tcp host headers?





  • There's also the official documentation.



  • Rather than reading all the documents. Do you know of a step by step guide that someone has made in a blog? or have screen shots with what to do?? For some reason it just doesnt sound easy as some people say it is. Sorry sometimes with all this complex technology it can be alot to take in, and its nice to be spoon fed accasionally. lol



  • @craigduff:

    Rather than reading all the documents. Do you know of a step by step guide that someone has made in a blog? or have screen shots with what to do?? For some reason it just doesnt sound easy as some people say it is. Sorry sometimes with all this complex technology it can be alot to take in, and its nice to be spoon fed accasionally. lol

    Anybody?


  • Banned

    Could be nice if pfsense had the same user friendlyness as the TMG hey :)

    Everything is put together in the same popup window and very easy to configure with everything relevant including host header support via the proxy :)









  • Banned

    More….

    So when wanting to publish a website, then you wont have to move around in PFsense and 3'rd package interfaces if everything is put into one window.

    That could be made to apply to NAT and everything else....







  • Banned

    Furthermore….the test rule button is a wonderful tool when applying rulesets!

    Now wouldnt that be nice to have in PFSense :)



  • Indeed it would be.
    As far as I recall, people are telling me that Varnish and/or even Squid-Reverse could do the job.

    Any clue? Know how to setup and configure that? Again, I want to use pfSense only if possible.

    Thanks & KR,
    Canefield


  • Banned

    HAProxy should be the best outthere :)



  • Canefield,

    It can be done in pfsense for sure. Haproxy will be easy to configure as it has few configure options and can do http as well https balance/failover.

    Do not foget firewall rules to Allow traffic. ;)

    Att,
    Marcello Coutinho


Log in to reply