At the tail end of a complete homelab rebuild and struggling to get Synology DSM available behind HAProxy on pfSense (and its driving me batty).
I had this all working prior to the rebuild and have (re)setup as follows:
Its for internal use only (I dont have anything exposed publicly and am not setting up access for external use)
HAProxy is installed and working fine as per Tom’s videos.
I have a virtual IP setup on the same VLAN Im accessing from that has DNS overrides for DSM and other services (UniFi Controller, etc) and these all work via HAProxy except DSM…
Synology is accessible on :5000 (http) and :5001 (https) and is accessible by address. I have automatically redirect HTTP to HTTPS enabled in DSM>Control Panel> Login Portal and dont have anything set in customized domain
In pfSense, the certificate is issued fine (Cloudflare/Lets Encrypt) and the HAProxy backend is:
Address + Port 172.16.1.20 5001 Encrypt SSL-checked nothing else selected or configured
The Front End is watching the virtual IP and then directing to the various backends and as I mention working fine for UniFi controller and other services.
When I try and go to the FQDN I get a Synology NGINX page with the message “The plain HTTP request was sent to HTTPS port”.
If I run a traceroute I see the request gets directed to the virtual IP correctly (no other details provided) but the message suggests to me that its trying to go to port 5000 (HTTP) rather than 5001 (HTTPS)?
I’ve tried disabling the HTTPS redirect in DSM, triple checked the ports are correct and rebooted things a few times just in case.
Anyone got any ideas what I’m missing?