So, I finally used Tom’s video (*like everyone else!*) on Let’s Encrypt + pfSense + HAProxy for my internal network. It’s working fine using the FQDN “subdomain.domain.com”, but when I OpenVPN into the network I’m unable to access anything by IP address, on my NAS box specifically. I have Pi-hole, Plex, and the Unifi Console all running in Docker containers. The Pi-hole I did not set up in HAProxy.
NAS = 192.168.150.5:8025
Portainer = 192.168.150.5:19943
Pi hole = 192.168.150.5:80
Unifi = 192.168.150.5:8443
Accessing my Mac Mini through TeamViewer, not using OpenVPN:
Able to ping 192.168.150.5 with a 100% reply rate, able to use Safari to visit all sites using IP address + port or FQDN, and it gets the SSL cert on both.
Accessing the network on a Dell laptop via OpenVPN: unable to ping via IP address, 100% failure rate. Able to access sites via FQDN, unable to access via IP address + port.
I’m not sure what settings in pfSense you would need to see; to be honest, I’m not sure where to start. Also, I can access everything via the FQDN SSL fast, but when I use the pfSense FQDN it takes about 20 seconds for it to pull up. If I’m physically on the network at a PC and not OpenVPN’d in, then I can access all servers via IP address + port or FQDN.
I’ve used or tried to use HAProxy within pfSense several times… At some point it worked, then all of a sudden it started throwing pfSense critical errors… I tried again last week, couldn’t get it to work, and again weird pfSense errors. I’ve abandoned HAProxy now and went for something far more stable like Traefik now (or nginx proxy before). Sorry if that doesn’t help you, but even after digging through Tom’s videos time and time again and doing everything right, I still had a lot of issues. Not a particularly stable package, that one. At least for me.
First, HAProxy is stable. Second, if you cannot ping your NAS when connected via the VPN, then you have some setting regarding networking and/or OpenVPN wrong.
As for troubleshooting HAProxy, I have a video here on that topic that walks you through the steps.
Thank you for your reply; we all appreciate all you do for the community and helping it. I did watch the video today and all my settings line up. Unfortunately, I’ll have to take a look at the OpenVPN settings, which I thought might be the case. I watched your other video on setting up SSL for FreeNAS and exposing it to internet traffic, but I can’t seem to figure out how to do a wildcard SSL for WAN. I tried going into the one I set up and, instead of doing only the LAN side, adding the WAN side also, but that didn’t seem to expose anything on the WAN side. Could you point me to some info you might have?
I have a video on how to create a wildcard here: