Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    About haproxy

    Cache/Proxy
    2
    4
    793
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rezgui last edited by

      Dear all

      this my configuration of Haproxy

      global
              maxconn                100
              uid                    80
              gid                    80
              nbproc                  1
              chroot                  /var/empty
              daemon

      frontend public_RP
              bind                    192.168.172.251:443
              mode                    tcp
              log                    global
              option                  dontlognull
              maxconn                2
              timeout client          2
              default_backend        RPservice1_tcp

      backend RPservice1_tcp
              mode                    tcp
              balance                roundrobin
              contimeout              1
              srvtimeout              1
              option                  httpchk HEAD / HTTP/1.0
              server                  ws.test.com 80.12.8.213:443    weight 11

      the problem when i tape https://vip_haproxy
      i has this erreur curl: (35) Unknown SSL protocol error in connection to 192.168.172.251:443

      what i need  to loadbalancing me to my https server  https://ws.test.com  and  acced to his website  https://ws.test.com

      who can explain the cause of the problem?

      if we have a solution

      how can i do that?
      any idea

      thanks in advance

      1 Reply Last reply Reply Quote 0
      • P
        PiBa last edited by

        Try increasing those timeouts a bit 1millisecond is not enough to for most stuff.. Make it them something like 4000 or even more.

        1 Reply Last reply Reply Quote 0
        • R
          rezgui last edited by

          thanks,

          my website has a certificate ssl  this is the url https://ws.test.com

          i would like to know what i need in haproxy to acced to my website and i dont lost the certificate  i like allaws use a secure url for my website.

          which url  or ip adresse can i use in the browser .

          it's that enough: 192.168.172.251:443 ? the acces will be throw  the protocl ssl?

          1 Reply Last reply Reply Quote 0
          • P
            PiBa last edited by

            The config like you have should allow you to access the website with: https://192.168.172.251:443  , though i do find it strange that the frontend has a private ip, and your backend seems to point to a public ip..

            The backend server is usually on the lan/dmz network and likely using a private ip..
            The frontend should be listening on the wan-ip (or where you want to accept connections) firewall rule is needed to allow access to this port.

            Not sure if this answers your question..? I couldnt make complete sense of it.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense Plus
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy