07.06.2023

How to install HAProxy load balancer on PFsense

What is PfSense

PfSense is powerful FreeBSD-based software complex. Usually it's using as gateway, firewall, traffic-forwarder, proxy etc. Albeit is FreeBSD "under-the-hood" installed, browser-access is enough for almost all management operations. This simplicity coupled with power and customization abilities is PfSense "killer-features" for a long time.

What is HAProxy

HAProxy is well-known open source load balancer. Originally it was designed for installation on Linux server, but now HAProxy could be installed on much enterprise-level routers, virtual machines etc. In this article I will describe how to install HAProxy on PfSense firewall.

Infrastructure preparing

To show how HAProxy working you need to prepare at least three servers - two as "content contained" server, third as PfSense firewall and HAProxy balancer. So, to do this:

HAProxy installation

To install and configure HAProxy on PfSense server plis follow these steps:

Project files placing and HAProxy cheching

Just look at this article, and deploy the website as prepared in "Website deployment" paragraph. Then check as described in "Balancer checking" paragraph. Result should be similar.

Security tuning

To improve security, you could totally disable any traffic to the content servers via "public" interface, except traffic that comes from your own IP. Return back to the ServerSpace client area, then open each backend server's settings and add two firewall rules - allow traffic from your own IP and deny others. Be careful, to avoid access losing you should place "positive" rules before "negative".

Conclusion

After reading this matherial you knew what is PfSense and how to install and secure HAProxy plgin on it.