Set Up HAProxy for TLS Passthrough with SNI Routing on OPNsense
In this guide, we’ll configure HAProxy on OPNsense to support TLS passthrough with SNI-based routing. This allows secure HTTPS traffic […]
HAProxy, OPNsense
OPNsense
OPNsense, WireGuard
WireGuard VPN on OPNsense 25.1
PART 1 — Set Up WireGuard on OPNsense PART 2 — Generate Client Key Pair & Config (Using OPNsense Peer
AWS EC2, BIND, OPNsense
Configure BIND on OPNsense 25.1 as Internal DNS Server for AWS VPC
Overview Component Value Internal domain maksonlee.com DNS server IP 10.0.128.4 (OPNsense LAN IP) System DNS 127.0.0.1 (loopback) Forwarder AWS DNS
Let's Encrypt, OPNsense
Let’s Encrypt on OPNsense 25.1 Using DNS-01 with Cloudflare
You’ll need this to allow OPNsense to modify DNS records for validation. You may need to re-login to the WebGUI
AWS EC2, OPNsense
Deploy OPNsense 25.1 Nano on AWS
Architecture Overview: Interface Subnet Private IP Public IP WAN (ena0) test-subnet-public1-ap-south-1a 10.0.0.4 Yes LAN (ena1) test-subnet-private1-ap-south-1a 10.0.128.4 No ⚠️ Do
AWS EC2, OPNsense
Create an EC2 AMI from Official OPNsense 25.1 Nano (raw) Image
trust-policy.json role-policy.json
OPNsense
Build OPNsense 25.1.3 Nano Image from Source
For OPNsense 25.1.3, we need FreeBSD 14.2. If you have following error, Just run the command it prompted, and build