i published haproxy in an internal ip address as well for the stats, it was not necessary to assign any backend.

best regards

thanks a lot man!! i removed the "server cookies" from the backends and also "advanced pass thru" from the frontends and seems to be working great so far!! :)

btw, as i don't want the stats to be accessible from internet.. is it possible to make the stats accessible just from VPN connection in some other internal IP address? or i should just disable the stats?

The other settings looks similar here.

Enable stats and try to see what happens.

I'm using it, so it will be easier to me to compare my setup with yours.

This week I`ll rename haproxy-lagacy to haproxy-full as it has more options then current 1.2 package.

Both(1.2 and 1.0) use the same 1.4.19 version of haproxy.

att,
Marcello Coutinho

the virtual IP is on the wan interface and it's CARP.
when the client is sending https request is not getting any answer
with http requests is going to pfsense web interface.

thnx once again man!!

furthermore, after some tries to edit the configuration for the frontend is accepting the changes but is not updating the configuration, it seems like there is a bug in haproxy legacy (at least 2.0-RELEASE (amd64)).

as for the load balancer what i noticed is that when i take web1 down i can see from the pool tab that web1 is down (red) but on the virtual server tab it keeps "targeting" (forwarding) the requests to web1, which means that the virtual server is not refreshing the status right after the pool.

when i tried i used a virtual carp IP (internet IP) and there i could also access the stats, but i didn't like that the stats were accessible from internet.
is it possible to access the stats (and setup haproxy) in another IP and not in the external IP of haproxy?

Can you try haproxy again using source as balance method, one pool for http and another pool for https?

yes i tried them,
the manual failover cannot do what i need, because i want the traffic to be forwarded automatically to web2 when web1 is down.
and haproxy didn't look to work for https traffic, thus i chose to stay at loadbalancer solution, just i need to improve the time that it takes for forwarding the requests to web2 when web1 is down.
isn't it there a way to make it faster?
the point is that the load balancer is recognizing very fast that the web1 is down, is just not changing the forwarding to web2.

however, the redirection is very slow,

when i take apache down on web1 then from loadbalncer status i can see that the pool with the web1 is down and the pool with the web2 is up (green). however, the loadbalancer is still forwarding the http(s) requests to web1 for some minutes, and then after 2,3 minutes it switching to web2  ???

is there a way to improve this and make it faster so it will not take so long?

thnx

thnx a lot!!

how can i create the Fall Back Pool??
i am creating a pool with the just web1 on it and then a second pool with just the web2? is this what u mean?

how can i use pfsense loadbalancer for failover, there is just loadbalancing and manual failover mode. I want all requests to go to web1 and just if web1 is down then the https requests go to web2. is that possible? i followed this howto http://www.howtoforge.com/how-to-use-pfsense-to-load-balance-your-web-servers

If you do not want to use manual failover, you can create a pool for each server and setup  Virtual Server with Virtual Server Pool for the first server and Fall Back Pool for the second

@skipper:

i tried with haproxy (haproxy-legacy 1.4.19 pkg v 1.0) following this howto http://conheotiensinh.blogspot.com/2011/12/config-haproxy-with-pfsense-version-201.html but since my webservers are redirecting http to https i was getting an ssl error.

If you have both http and https going to the same server, this should be transparent.
Did you selected Source as a balance method on your haproxy frontends?

how can i use pfsense loadbalancer for failover, there is just loadbalancing and manual failover mode. I want all requests to go to web1 and just if web1 is down then the https requests go to web2. is that possible? i followed this howto http://www.howtoforge.com/how-to-use-pfsense-to-load-balance-your-web-servers

i tried with haproxy (haproxy-legacy 1.4.19 pkg v 1.0) following this howto http://conheotiensinh.blogspot.com/2011/12/config-haproxy-with-pfsense-version-201.html but since my webservers are redirecting http to https i was getting an ssl error.

what version of haproxy are you using?

The pfsense loadbalancer(relayd) is also usefull for https failover.