HA Proxy - Using different backends on the same frontend - GUI Limitation?



  • Hello,

    I have a issue on the gui of haproxy on pfsense.

    I have a functioning configuration of HAproxy with:

    global
    stats socket /tmp/haproxy.socket level admin
    uid 80
    gid 80
    nbproc 1
    chroot /tmp/haproxy_chroot
    daemon

    frontend port-4443
            bind 0.0.0.0:4443
            mode tcp
            tcp-request inspect-delay 5s
            tcp-request content accept if { req.ssl_hello_type 1 }

    # SSL connection
            acl proto_tls req.ssl_hello_type 1
            acl ocserv req.ssl_sni -i ocs.server.com

    use_backend b_ocserv if ocserv
            use_backend b_https if proto_tls

    default_backend b_https

    backend b_https
            mode tcp
            option tcplog
            server https 172.16.0.148:443
            timeout server 2h

    backend b_ocserv
            mode tcp
            option tcplog
            server https 172.16.3.150:443
            timeout server 2h

    However i cannot use the webgui to implement this, for it does not accept on the same frontend reference to two different backends.

    Am i missing something regarding this? Or is it a limitation imposed by the pfsense gui?

    Thanks for a wonderfull product!
    Nuno



  • Hello all,

    I've upgraded to the haproxy-devel, and i was able to translate my working config to pfsense webgui format.

    Thanks
    Nuno