Configuration example

paul.aviles · August 17, 2017, 8:51pm

Hello, I have a pair of HAproxy servers in front of a bunch of web and application servers with a single public IP address and at this time they are not using https. We also have an Exchange 2016 server which is not going though HAP and instead is nated on the Cisco ASA to another internal IP so https is on a separate path now.

We use the web server’s name to distribute the traffic as shown in the config below and we would like to put all the web and app servers to use https and also put the Exchange server behind HAP and also make sure that the IP address of the external clients are visible on the backend hosts. In the event of an attack/issue we should be able to see the real IP address being used on each backend servers.

I guess this would also require that each backend server had their own ssl certificate which is Ok.

Can this be done with HAP and can anyone share a sample config if possible?

Really appreciated!

frontend http-in
bind 192.168.0.53:80

option httpclose

ACL

acl is_server1.domain.com            hdr_end(host) -i server1.domain.com

USE_BACKEND

use_backend server1.domain.com       if is_server1.domain.com

BACKEND_SERVER

backend server1.domain.com
     server domain 192.168.0.100:80 weight 1 maxconn 50 check

Topic		Replies	Views
Need help with multiple domains, one public IP Help!	2	2552	March 7, 2021
Reverse proxy to Exchange and webserver Help!	0	816	October 9, 2018
1 Public IP 2 webservers ports 80/443 how to? Help!	9	2319	September 8, 2019
Haproxy use_backend condition (acl) is missing the backend Help!	2	1017	January 4, 2020
frontEnd defination Help!	1	310	October 29, 2019

Configuration example

ACL

USE_BACKEND

BACKEND_SERVER

Related Topics