Certainly can do that with subdomains and hostname matching. For what you want to accomplish, would this be something like: website1.example.com website2.example.com or example.com/website1 example.com/website2 ?
Hello sir, Lets say I have SOCKS5 Proxy from a third party, which incldes, IP, PORT, USERNAME AND PASSWORD. so, How to setup this socks5 with ha proxy? Is it possible? or if not, can you suggest me something else? thank you.
Great question! Typically socks5 proxy is for outbound web traffic originating from inside your network. HA Proxy is allowing you to serve up web services to the Internet, and should be fully separate from your socks5 proxy
Thank you... very good. A hint to everyone one else following tutorial without background checking what things actually are.... Don't use "pfctl -d" if you connected with OpenVPN to the router, as this turns off the packet filtering and also NAT... ;-) (Anyway, it opened up the pfsense to be reachable from outside and I managed to login and reboot pfSense)
Thank you! I watched multiple other tutorials yesterday afternoon and spent all night reading different forums in an attempt to troubleshoot where I was going wrong. Those tutorials were leaving out critical steps, as well as providing incorrect information. I followed this video, as well as your tutorial for the pfSense ACME Let's Encrypt plugin, and it worked to perfection.
Thank you ! I've watched different videos, but yours is definitely the most simple how-to and the best explained without useless blahblah My different servers are now reachable
Yep! HA Proxy is the service you’re looking for. Check out this quick guide I made for setting it up, including free auto-renewing Lets Encrypt SSL certificates! ua-cam.com/video/KkRHqxbWvAM/v-deo.html
Great videos. Clear, concise and to the point. I'm trying to add one additional component to the setup. Was wondering if you could point me in the right direction. I use a Synology NAS to host a few web applications, ie. photos, note station, file station, etc. These are all accessible via subdirectories of the main site. How would I go about forwarding a subdomain to a subdirectory of that subdomain or another subdomain? Would I use frontend or backend and what would the ACL and action look like? Thanks so much.
Apologies that I cannot give you a direct answer, as I don't have this particular lab environment set up at the moment. However, it certainly can be done, as I recall having some RegEx based redirects for subdirectories, routing to totally different backend servers.
instead of switching the port on the firewall you could setup an VIP (Firewall -> Virtual IPs) and then within the HAProxy bind to it. you wont setup rules that target the firewall. you could then just NAT 443 to the VIP
... know I'm asking allot, but do think this is very much in line with a good way to configure all and expose a HA deployment (which in my case is also used to arm/disarm my alarm system)
i am facing issue i want to use my domain without 'www' i tried but not resolved and shows (503 Service Unavailable No server is available to handle this request.) i need help in this with Haproxy and domain configuration, can u show me the video ref for redirecting non www to www once again thank you,
Hi I want to make a rule or an condition to forward to port 443 to specific domain, but I have an issue because I want to forward without certification (cert) in the other local ip I have a valid cert but they both crashed. So I don’t find a way
Follow-up for this is coming out Monday! It’s where my pfSense series and Docker container series cross over, as the example web server will be a containerized sample Wordpress + Database environment, behind HA Proxy... video releases at 6am Pacific time!
Sorry...but the http to https redirect rule doesn’t work...from my lan or my OpenVPN connection if I type ....I still get the internal http website version and not the https....
I was flow all your video about pfsense. I have question please help me out. I have two vm, I want to ssh to this VM without using openVPN (it's mean I want to ssh via WAN IP, I want to connect ssh via haproxy). Can you please help me, because I was research all day but can not ssh :((
HAProxy wouldn't be needed, this is just proxying web traffic. You could set up a NAT to forward port 22/TCP to the server you want to SSH to. I recommend some security measures if you're going to expose SSH to the Internet (bots will start hammering it pretty quickly) * If at all possible, scope the allowed IPs to a particular public IP address (not always possible) * Ensure you have a strong password on all SSH-enabled accounts on the box you're exposing * Even better, enforce RSA key-pair authentication.
how to do it with two subdomains. the DNS created in Bluehost, and the two websites (subdomains) hosted on local servers ? any clue plz
Certainly can do that with subdomains and hostname matching. For what you want to accomplish, would this be something like:
website1.example.com
website2.example.com
or
example.com/website1
example.com/website2
?
@@OMGTheCloud man, u r just amazing, thanx a looooooooot it worked just fine :) thnx bro for ur efforts
Hello sir,
Lets say I have SOCKS5 Proxy from a third party, which incldes, IP, PORT, USERNAME AND PASSWORD.
so, How to setup this socks5 with ha proxy? Is it possible? or if not, can you suggest me something else?
thank you.
Great question! Typically socks5 proxy is for outbound web traffic originating from inside your network. HA Proxy is allowing you to serve up web services to the Internet, and should be fully separate from your socks5 proxy
@@OMGTheCloud can you suggest me alternative? And I will be glad if you make a video about it for pfsense.
Can you describe your goals and your setup a bit further? There are several good paths forward
Thank you... very good. A hint to everyone one else following tutorial without background checking what things actually are.... Don't use "pfctl -d" if you connected with OpenVPN to the router, as this turns off the packet filtering and also NAT... ;-)
(Anyway, it opened up the pfsense to be reachable from outside and I managed to login and reboot pfSense)
Thank you! I watched multiple other tutorials yesterday afternoon and spent all night reading different forums in an attempt to troubleshoot where I was going wrong. Those tutorials were leaving out critical steps, as well as providing incorrect information. I followed this video, as well as your tutorial for the pfSense ACME Let's Encrypt plugin, and it worked to perfection.
Great to hear!
Thank you ! I've watched different videos, but yours is definitely the most simple how-to and the best explained without useless blahblah
My different servers are now reachable
Very nice. No fluff. Quick and straightforward. Best in UA-cam in setting up pfSense and HAProxy.
Thank You , great job
Does pfsense HAproxy support DNS based redirection to internal servers for multiple domain names from the same port 80 and 443?
Yep! HA Proxy is the service you’re looking for. Check out this quick guide I made for setting it up, including free auto-renewing Lets Encrypt SSL certificates!
ua-cam.com/video/KkRHqxbWvAM/v-deo.html
Great videos. Clear, concise and to the point. I'm trying to add one additional component to the setup. Was wondering if you could point me in the right direction. I use a Synology NAS to host a few web applications, ie. photos, note station, file station, etc. These are all accessible via subdirectories of the main site. How would I go about forwarding a subdomain to a subdirectory of that subdomain or another subdomain? Would I use frontend or backend and what would the ACL and action look like? Thanks so much.
Apologies that I cannot give you a direct answer, as I don't have this particular lab environment set up at the moment. However, it certainly can be done, as I recall having some RegEx based redirects for subdirectories, routing to totally different backend servers.
but thanks great tutorial
instead of switching the port on the firewall you could setup an VIP (Firewall -> Virtual IPs) and then within the HAProxy bind to it. you wont setup rules that target the firewall. you could then just NAT 443 to the VIP
Thanks for mentioning this, I will test this out! I like the idea of using a VIP instead!
you mention other videos, can you post links to them please, like your style, any chance you can show this integrating with Cloudflare...
Sure! Do you mean Cloudflare as a secure and private DNS provider? If so, I’m referring to this video: ua-cam.com/video/-uzNMospB5I/v-deo.html
forgot to mention, as I'm running a dynamic IP, already configured pfSense to update Cloudflare.
... know I'm asking allot, but do think this is very much in line with a good way to configure all and expose a HA deployment (which in my case is also used to arm/disarm my alarm system)
the only way mine works is by using nat in firewall option. just using the firewall section wont allow the site to connect
i am facing issue i want to use my domain without 'www' i tried but not resolved and shows (503 Service Unavailable
No server is available to handle this request.) i need help in this with Haproxy and domain configuration, can u show me the video ref for redirecting non www to www once again thank you,
Hi I want to make a rule or an condition to forward to port 443 to specific domain, but I have an issue because I want to forward without certification (cert) in the other local ip I have a valid cert but they both crashed. So I don’t find a way
Great job
Thanks!
Waiting on the follow up :)
Follow-up for this is coming out Monday! It’s where my pfSense series and Docker container series cross over, as the example web server will be a containerized sample Wordpress + Database environment, behind HA Proxy... video releases at 6am Pacific time!
Sorry...but the http to https redirect rule doesn’t work...from my lan or my OpenVPN connection if I type ....I still get the internal http website version and not the https....
I was flow all your video about pfsense. I have question please help me out. I have two vm, I want to ssh to this VM without using openVPN (it's mean I want to ssh via WAN IP, I want to connect ssh via haproxy). Can you please help me, because I was research all day but can not ssh :((
HAProxy wouldn't be needed, this is just proxying web traffic. You could set up a NAT to forward port 22/TCP to the server you want to SSH to. I recommend some security measures if you're going to expose SSH to the Internet (bots will start hammering it pretty quickly)
* If at all possible, scope the allowed IPs to a particular public IP address (not always possible)
* Ensure you have a strong password on all SSH-enabled accounts on the box you're exposing
* Even better, enforce RSA key-pair authentication.
@@OMGTheCloud thanks to you for reply, So APPRECIATE