I’m moving from a Dell SonicWall to a Netgate 8200 with pfSense+. Here is my scenario:
I need to access two servers in my local network; DNS is in place externally and internally.
Server-A hosts computer-aided dispatch software with multiple ports needed to access TLS and UDP protocols. The third-party SSL certificate is bound directly to the server. (considering Let’s Encrypt)
Server-B is a web server (accessible for public view) that only needs ports 80 and 443 for the webpage and Let’s Encrypt.
With SonicWall, I have FQDN-specific NAT rules, i.e., if the destination is Server-A.mydomain.com, then forward to Server-A internal address on specified ports.
What is the best way to handle this? Can it all be done within HAProxy or a combination of NAT rules?
VPN has now entered the chat… (SonicWall NetExtender was horrible for users)