Sean Coston
Contributor
- Joined
- Jul 25, 2014
- Messages
- 128
I just got my very own pfSense device up and running on its own hardware:
Mini ITX pfSense Router/Firewall with 5x Gbe LAN, 64Gb SATA SSD pre-loaded with 64 bit pfSense 2.2.6
I have FreeNAS-9.3-STABLE running on a Lenovo TS-140
Platform Intel(R) Xeon(R) CPU E3-1276 v3 @ 3.60GHz
Memory 28438MB
I have 8 jails successfully installed and running well:
Plex, Transmission, ownCloud on NGINX, mythTV backend with mythweb, HD homerun DVR, calibre, KMTTG (tivo), and a Minecraft server.
Several of these have http webgui interfaces that can't be configured with ssl connections. I know I'm asking a lot, but I'd like to be able to point them at the internet and be able to somewhat safely access them by implementing a reverse proxy on my pfSense device. I have a domain that is constantly monitored by DynDNS and updated to my outward facing Comcast modem's ip address. From here on out I'll refer to that domain as "SDC.net" (though in actuality it is different) . Attached is an image of my very basic network configuration.
The FreeNAS has several jails running that all have their own LAN ip addresses. Some of the jails (like MythTV backend, calibre, and my kiddo's Minecraft server) all present http interfaces and I'd like to be able to use https (SSL) from the www to navigate to my home domain, have SSL terminate in the pfSense reverse proxy server and have the server forward either http or https connections to the proper LAN IP's.
Can anyone point me to a resource that, at a very granular and basic level, walks through setting up Haproxy onpfSense to do this? I found these threads on the pfsense forum which have some good info, but I still can't seem to get my set up to work.
https://forum.pfsense.org/index.php?topic=103726.0
https://forum.pfsense.org/index.php?topic=93766.msg527268#msg527268
Lots of ground covered in these... The second one gives a link to pdf attachment with basics.
I am posting here because I'm really trying to access my FreeNAS jail servers/apps more safely from the outside world.
Also, the pfSense forums are not well very active, it seems. The pfSense community seems to want to point people to the paid support resources, and certainly - If I was running a business - I'd go that route. But this is just my file and media server and lowly home network.
Anyone out there who's done this who is willing to help?
Sean
Mini ITX pfSense Router/Firewall with 5x Gbe LAN, 64Gb SATA SSD pre-loaded with 64 bit pfSense 2.2.6
I have FreeNAS-9.3-STABLE running on a Lenovo TS-140
Platform Intel(R) Xeon(R) CPU E3-1276 v3 @ 3.60GHz
Memory 28438MB
I have 8 jails successfully installed and running well:
Plex, Transmission, ownCloud on NGINX, mythTV backend with mythweb, HD homerun DVR, calibre, KMTTG (tivo), and a Minecraft server.
Several of these have http webgui interfaces that can't be configured with ssl connections. I know I'm asking a lot, but I'd like to be able to point them at the internet and be able to somewhat safely access them by implementing a reverse proxy on my pfSense device. I have a domain that is constantly monitored by DynDNS and updated to my outward facing Comcast modem's ip address. From here on out I'll refer to that domain as "SDC.net" (though in actuality it is different) . Attached is an image of my very basic network configuration.
The FreeNAS has several jails running that all have their own LAN ip addresses. Some of the jails (like MythTV backend, calibre, and my kiddo's Minecraft server) all present http interfaces and I'd like to be able to use https (SSL) from the www to navigate to my home domain, have SSL terminate in the pfSense reverse proxy server and have the server forward either http or https connections to the proper LAN IP's.
Can anyone point me to a resource that, at a very granular and basic level, walks through setting up Haproxy onpfSense to do this? I found these threads on the pfsense forum which have some good info, but I still can't seem to get my set up to work.
https://forum.pfsense.org/index.php?topic=103726.0
https://forum.pfsense.org/index.php?topic=93766.msg527268#msg527268
Lots of ground covered in these... The second one gives a link to pdf attachment with basics.
I am posting here because I'm really trying to access my FreeNAS jail servers/apps more safely from the outside world.
Also, the pfSense forums are not well very active, it seems. The pfSense community seems to want to point people to the paid support resources, and certainly - If I was running a business - I'd go that route. But this is just my file and media server and lowly home network.
Anyone out there who's done this who is willing to help?
Sean