Behind haproxy cannot logon to e-mail

Help!
1

Hello,

I’d appreciate some help because I’m stuck.
I have a public IP, where behind haproxy i have two servers (VM-s).
server1.mydomain.com
nc.mydomain.com

The problem that the I cannot log in on the e-mail on VM-s, nor log in phpmyadmin if I go withe DNS name.
With the “192.168.97.50/SoGo/” i can connect on the SoGo (and also on the phpmyadmin)
It is as if x does not send data to the VM.

Here is my haproxy.conf
#

global

log /dev/log    local0


log /dev/log    local1 notice


chroot /var/lib/haproxy


stats socket /run/haproxy/admin.sock mode 660 level admin


stats timeout 30s


user haproxy


group haproxy


daemon


    # Default SSL material locations



ca-base /etc/ssl/certs


crt-base /etc/ssl/private


    # Default ciphers to use on SSL-enabled listening sockets.
    # For more information, see ciphers(1SSL).



ssl-default-bind-ciphers EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5$


#ssl-default-bind-options no-sslv3 no-tls-tickets #disable SSLv3


tune.ssl.default-dh-param 2048 #tune DH to 2048


defaults

log     global

mode    http

option  httplog

option  dontlognull

timeout connect 5000

timeout client  50000

timeout server  50000

errorfile 400 /etc/haproxy/errors/400.http

errorfile 403 /etc/haproxy/errors/403.http

errorfile 408 /etc/haproxy/errors/408.http

errorfile 500 /etc/haproxy/errors/500.http

errorfile 502 /etc/haproxy/errors/502.http

errorfile 503 /etc/haproxy/errors/503.http

errorfile 504 /etc/haproxy/errors/504.http


en ttem beke, elotte is benne volt de nem mukodott fentebb


    log 127.0.0.1:514  local0  info



tune.ssl.default-dh-param 2048


frontend public


    # Listen on port 80
    bind *:80

    # Listen on port 443
    bind *:443 ssl crt /etc/ssl/certs/mydomain.com.pem

    mode http
   # Define ACLs for each domain
    acl server1 hdr(host) -i server1.mydomain.com
    acl nc hdr(host) -i nc.mydomain.com

    # Figure out which backend (= VM) to use
    use_backend server1_server if server1
    use_backend nc_server if nc



backend server1_server


    http-request set-header X-Forwarded-Port %[dst_port]
    http-request add-header X-Forwarded-Proto https if { ssl_fc }
    rspadd Strict-Transport-Security:\ max-age=15768000;\ includeSubDomains #enable HSTS header for this backend
    rspadd X-XSS-Protection:\ 1;\ mode=block #enable XSS protection for this backend

    balance leastconn
    option httpclose
    option forwardfor
    cookie JSESSIONID prefix

    # Redirect to server1 VM on port 80
    server server1_server 192.168.97.50:80 cookie A check
    # sajat  Redirect to server1 VM  on port 443 with SSL



server server1_server 192.168.97.50:443 weight 1 maxconn 100 check ssl verify none

http-request del-header Authorization


backend nc_server


    http-request set-header X-Forwarded-Port %[dst_port]
    http-request add-header X-Forwarded-Proto https if { ssl_fc }
    rspadd Strict-Transport-Security:\ max-age=15768000;\ includeSubDomains #enable HSTS header for this backend
    rspadd X-XSS-Protection:\ 1;\ mode=block #enable XSS protection for this backend

    balance leastconn
    option httpclose
    option forwardfor
    cookie JSESSIONID prefix

    # Redirect to nc (nextcloud) VM on port 443 with SSL
    server srv01 192.168.97.60:80 cookie A check



#letorolve a v egerol


weight 1 maxconn 100 check ssl verify none


My sogo.log:

"  Oct 28 14:09:46 sogod [3211]: SOGoRootPage Login from ‘192.168.97.1, 192.168.97.10’ for user ‘(null)’ might not have worked - password policy: 65535  grace: -1  expire: -1  bound: 0

Oct 28 14:09:46 sogod [3211]: 192.168.97.1, 192.168.97.10 “GET /SOGo/connect HTTP/1.1” 403 34/0 0.002 - - 0

"

Thank you,