Problem: apache2, nat , virtual hosts and Public IP, Load balancing

  • Hi!
    I've installed pfsense 1.0.1. I will install Load Balancing for Apache webservers.
    In my current set up I have apache on NAT with vhost <:80> <:443>, and port forwarding from 1 CARP VIP to Nat server.
    Now I'm going to put two identical web servers, but I don't know what I should do with SSL and how setup conf of apache for many IP.
    I understand that I can create vhosts on NAT only in two ways <:80> or <nat_ip:80 vip:80="">. For load balancing matches only <:80> , as I will use 2 machines with 2 different NAT IP.
    I spoke with few people , and they said that there are two solutions for SSL and webservers behind NAT: one solution is for each ssl cert (VIP) create additonal port e. g. 444,445,446 and forward from VIP:443 to *:446, another solution is that Load Balancer can hold ssl certs and decrypt traffic and later forwarded it to port 80.
    Does pfsense has capability to do it?
    I'd like to know how other people who use pfsense for load balancing , solve problem with configuration of vhosts, many VIP and ssl certs.


Log in to reply