Hi All,
I created the following FE and BE in HAProxy (on pfSense) for a set of VMs:

    frontend Exchange-FE-SMTP
        bind External-IP-here:25 name External-IP-here:25 ssl crt-list /var/etc/haproxy_test/Exchange-FE-SMTP.crt_list
        mode tcp
        log global
        timeout client 30000
        default_backend ExchangeBE-withLB-SMTP_ipvANY

    backend ExchangeBE-withLB-SMTP_ipvANY
        mode tcp
        id 108
        log global
        balance roundrobin
        timeout connect 30000
        timeout server 30000
        retries 3
        option httpchk OPTIONS /
        use-server E2019Node1 if SMTP
        use-server E2019Node2 if SMTP
        server E2019Node1 10.10.10.201:25 id 101 check inter 1000
        server E2019Node2 10.10.10.202:25 id 102 check inter 1000

But when I hit save, I get the following message:

    Errors found while starting haproxy
    [ALERT] 225/161943 (4392) : parsing [/var/etc/haproxy_test/haproxy.cfg:111] : error detected while parsing switching rule : no such ACL : 'SMTP'.
    [ALERT] 225/161943 (4392) : parsing [/var/etc/haproxy_test/haproxy.cfg:112] : error detected while parsing switching rule : no such ACL : 'SMTP'.
    [ALERT] 225/161943 (4392) : Error(s) found in configuration file : /var/etc/haproxy_test/haproxy.cfg
    [ALERT] 225/161943 (4392) : Fatal errors found in configuration.

I had a look at “/var/etc/haproxy_test/haproxy.cfg”. It’s the lines I’ve pasted above, and I noticed the ACL parameter is always missing (even though I’m defining it in the Backend config).
The ACL is not getting saved to the config file, which results in the back end servers not being used as intended.
Edits to the /var/etc/haproxy/haproxy.cfg file get overwritten by pfSense when the ‘Save’ button is clicked in the HAProxy/Backend GUI.
Am I doing something wrong here? I have created setups like this in the past and I’ve never run into anything like this.
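
The failure in the post, a `use-server` rule naming an ACL that the generated file never declares, can be checked for offline before a reload. The script below is an added example, not part of the original post and not pfSense or HAProxy code; the function names are hypothetical, the sample is constructed from the backend quoted above, and the predefined-ACL set is only a subset of HAProxy's list.

```python
# Added example: flags rules whose if/unless condition names an ACL that has
# not been declared earlier in the same section of an HAProxy config.
# Subset of HAProxy's predefined ACLs, which need no "acl" line.
PREDEFINED = {"TRUE", "FALSE", "LOCALHOST", "HTTP", "HTTP_1.0", "HTTP_1.1",
              "METH_GET", "METH_POST", "METH_OPTIONS", "WAIT_END"}
SECTIONS = ("global", "defaults", "frontend", "backend", "listen")

def condition_acls(tokens):
    """Named ACLs in a condition, skipping operators and anonymous { ... } ACLs."""
    names, depth = [], 0
    for tok in tokens:
        if tok == "{":
            depth += 1
        elif tok == "}":
            depth -= 1
        elif depth == 0 and tok not in ("!", "||", "or"):
            names.append(tok.lstrip("!"))
    return [n for n in names if n]

def undefined_acls(config_text):
    """Return (line_no, section, acl_name) for every unresolved ACL reference."""
    section, defined, findings = None, set(), []
    for line_no, raw in enumerate(config_text.splitlines(), 1):
        tokens = raw.split("#", 1)[0].split()  # naive comment strip, fine for a lint
        if not tokens:
            continue
        if tokens[0] in SECTIONS:              # ACLs are scoped to their section
            section, defined = " ".join(tokens[:2]), set()
        elif tokens[0] == "acl" and len(tokens) > 1:
            defined.add(tokens[1])             # must precede the rule that uses it
        else:
            idx = next((i for i, t in enumerate(tokens)
                        if i and t in ("if", "unless")), None)
            if idx is not None:
                for name in condition_acls(tokens[idx + 1:]):
                    if name not in defined and name not in PREDEFINED:
                        findings.append((line_no, section, name))
    return findings

# Constructed sample: the backend from the post, trimmed to the relevant lines.
SAMPLE = """\
backend ExchangeBE-withLB-SMTP_ipvANY
    mode tcp
    use-server E2019Node1 if SMTP
    use-server E2019Node2 if SMTP
    server E2019Node1 10.10.10.201:25 id 101 check inter 1000
    server E2019Node2 10.10.10.202:25 id 102 check inter 1000
"""

if __name__ == "__main__":
    for line_no, section, name in undefined_acls(SAMPLE):
        print(f"line {line_no}: [{section}] no such ACL: {name}")
```
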