How To Guide For HAProxy and Let's Encrypt on pfSense: Detailed Steps for Setting Up Reverse Proxy [YouTube Release]

Time Stamps
00:00 HAProxy on pfsense
00:00 How The HAProxy Reverse Proxy Works
06:46 pfsense packages and WebConfigurator settings
07:28 ACME Let’s Encrypt Setup
10:40 Setting Up HAProxy General Settings
11:47 Creating HAProxy Backend
12:50 Creating HAProxy Frontend
14:45 DNS Settings & Host Override Setup

#pfsense #firewall #networking

Hi. When I try this I get nxdomain on truenas in dig. When I use dig on my main domain it works and the ip is reported. I don’t understand why? I followed the video to the letter. Also, I saw in your video that you use the default webconfigurator and not letsencrypt cert in advanced? Can you do that and still have it work?

I am not fully clear on what your question is but if TrueNAS reports a different DNS response than your other system then you probably do not have TrueNAS using the pfsense as your DNS.

Ok. Sorry. I explained badly. This is the result I get when I try to resolve DNS (**** is instead of my domain):

root@rock-4se:/# dig truenas.****

; <<>> DiG 9.16.42-Debian <<>> truenas.****
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44659
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 3c509286ddc61c140100000064dc955fd9b2fe32e8b0ed54 (good)
;truenas.**** IN A

**** 551 IN SOA 2023081501 28800 7200 604800 600

;; Query time: 30 msec
;; WHEN: Wed Aug 16 09:22:39 UTC 2023
;; MSG SIZE rcvd: 154

But I can resolve the domain itself. If I dig **** it reports my external ip so letsencrypt works. So I don’t understand why dns isn’t working? I know dns is like magic and I must know the right spells so I’m wondering if you have anything off the top of your head that feels obvious that I’ve done wrong or how I can troubleshoot?

You need a separate DNS entry for truenas.****. You can’t just point **** to an IP and have all the somethings.**** go there.

Thank you for the response. I'm gonna keep working on it. I have a feeling I wanna do more than my knowledge allows. I did add the truenas in DNS resolver host override so I think I must have screwed up somewhere. I’m gonna keep at it. Thanks.
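The two causes raised in the replies above (the client not asking pfSense for DNS, or no separate record for the subdomain) can be told apart from `dig` output alone. This is an added example, not part of the thread or the video: `classify_dig`, the `192.0.2.1` pfSense address, `truenas.example.com` and both sample outputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify `dig` output for a name that should be answered by a
# pfSense DNS Resolver host override.
# Assumptions: 192.0.2.1 stands in for the pfSense LAN address; both samples
# below are constructed, not taken from the thread.

# Usage: dig truenas.example.com | classify_dig 192.0.2.1
classify_dig() {
    awk -v want="$1" '
        /->>HEADER<<-/ {   # ";; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1"
            for (i = 1; i < NF; i++) if ($i == "status:") { status = $(i+1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {     # ";; flags: qr rd ra; QUERY: 1, ANSWER: 0, ..."
            for (i = 1; i < NF; i++) if ($i == "ANSWER:") answers = $(i+1) + 0
        }
        /^;; SERVER:/ {    # ";; SERVER: 192.0.2.1#53(192.0.2.1)"
            server = $3; sub(/#.*/, "", server)
        }
        END {
            if (status == "")                            print "no-response"
            else if (server == "")                       print "unknown-resolver"
            else if (server != want)                     print "wrong-resolver"
            else if (status == "NXDOMAIN")               print "missing-override"
            else if (status == "NOERROR" && answers > 0) print "ok"
            else                                         print "other"
        }'
}

sample_public() {   # constructed: the client asked some other resolver
cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1001
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; SERVER: 198.51.100.53#53(198.51.100.53)
EOF
}

sample_pfsense() {  # constructed: the client asked pfSense and the override exists
cat <<'EOF'
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 1002
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
truenas.example.com.    3600    IN      A       192.0.2.10
;; SERVER: 192.0.2.1#53(192.0.2.1)
EOF
}

sample_public  | classify_dig 192.0.2.1
sample_pfsense | classify_dig 192.0.2.1
```

The classification depends on the `;; SERVER:` line that `dig` prints in its footer, so keep that line when saving output for troubleshooting.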


I just saw your video but… my isp gives me a dynamic ipv4, but instead it gives me a static /56 ipv6 prefix. Can I use that instead?

Not sure, I don’t use IPv6.