diff --git a/NAT_2_fastlight b/NAT_2_fastlight
index 92a5c56..066ec89 100755
--- a/NAT_2_fastlight
+++ b/NAT_2_fastlight
@@ -8,8 +8,8 @@ ORIGINAL_DESTINATION_IP="10.0.0.104"
 FORWARD_TO_IP="10.0.100.10"
 RULES=(
 "25:25"
- "80:80"
- "443:443"
+ "53:53"
+ "53:53/udp"
 "2222:2222"
 )
diff --git a/NAT_2_norrsken b/NAT_2_norrsken
index 4c38f93..98d3b6b 100755
--- a/NAT_2_norrsken
+++ b/NAT_2_norrsken
@@ -9,8 +9,6 @@ FORWARD_TO_IP="10.0.100.20"
 RULES=(
 "53:5300"
 "53:5300/udp"
- "80:8000"
- "443:4430"
 "443:4430/udp"
 "22:22"
 "3478:3478"
diff --git a/README.md b/README.md
index 61c4241..e905591 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,14 @@
-# NAT Rules for the Fixed IPv4 Provider
+# HAProxy Rules for the Fixed IPv4 Provider
 In case I don't have a fixed IPv4 address, I use these rules to route the services through a fixed IPv4 provider like Oracle Cloud.
+## Pre-Requesites
+
+* Install HAProxy on the server : `sudo dnf install -y haproxy`
+* Copy the configuration file: `sudo cp /home/opc/bin/NAT/haproxy.cfg /etc/haproxy/haproxy.cfg`
+* Enable the service: `sudo systemctl enable --now haproxy`
+* Open the ad-hoc ports (bound from haproxy.cfg) in the firewall, for instance: `sudo firewall-cmd --add-port=80/tcp --permanent`
+
 ## IP Addresses in Use
 | Public IP (Oracle) | Internal IP (Oracle) | Wireguard client IP | Description |
diff --git a/haproxy.cfg b/haproxy.cfg
new file mode 100644
index 0000000..67cbae7
--- /dev/null
+++ b/haproxy.cfg
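Review bot: In NAT_2_fastlight the new entries `"53:53"` and `"53:53/udp"` publish DNS on 10.0.0.104 over both TCP and UDP, and nothing in the hunk says what answers on 10.0.100.10:53. If that service recurses for arbitrary clients, forwarding it from a public address leaves it open to use as a traffic reflector, so the intent should be recorded next to the rule once it has been checked on the backend, for example `# 53: authoritative-only DNS, recursion refused for external clients`. The change is also unrelated to the HAProxy move that the README hunk describes, so a word on it in the commit description would help the next reader.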
@@ -0,0 +1,61 @@
+global
+ log 127.0.0.1 local2
+
+ chroot /var/lib/haproxy
+ pidfile /var/run/haproxy.pid
+ maxconn 4000
+ user haproxy
+ group haproxy
+ daemon
+
+ # turn on stats unix socket
+ stats socket /var/lib/haproxy/stats
+
+ # utilize system-wide crypto-policies
+ ssl-default-bind-ciphers PROFILE=SYSTEM
+ ssl-default-server-ciphers PROFILE=SYSTEM
+
+defaults
+ option tcplog
+ mode tcp
+ log global
+ option http-server-close
+ timeout connect 10s
+ timeout client 1m
+ timeout server 1m
+
+# HTTPS
+frontend https
+ bind :443
+
+ acl dst_fastlight dst 10.0.0.104
+ acl dst_norrsken dst 10.0.0.143
+
+ use_backend https_fastlight if dst_fastlight
+ use_backend https_norrsken if dst_norrsken
+
+backend https_fastlight
+ balance roundrobin
+ server fastlight 10.0.100.10:443 send-proxy
+
+backend https_norrsken
+ balance roundrobin
+ server norrsken 10.0.100.20:4430 send-proxy
+
+# HTTP
+frontend http
+ bind :80
+
+ acl dst_fastlight dst 10.0.0.104
+ acl dst_norrsken dst 10.0.0.143
+
+ use_backend http_fastlight if dst_fastlight
+ use_backend http_norrsken if dst_norrsken
+
+backend http_fastlight
+ balance roundrobin
+ server fastlight 10.0.100.10:80 send-proxy
+
+backend http_norrsken
+ balance roundrobin
+ server norrsken 10.0.100.20:8000 send-proxy
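Review bot: All four `server` lines use `send-proxy`, so the listeners on 10.0.100.10 and 10.0.100.20 will take the client address from the PROXY header, and this file cannot show whether they accept that header only from the proxy's tunnel address. If any other peer can reach those ports, the source IP seen in backend logs and access rules becomes caller-supplied, so I would add a comment above the backends such as `# backends must accept the PROXY header only from this host's WireGuard address` and verify the matching allow-list on each backend. Separately, `option http-server-close` in `defaults` is an HTTP-mode option and does nothing useful under `mode tcp`; dropping it removes a misleading line. Connections to :80 or :443 whose destination matches neither ACL appear to get no backend, which fails closed, and a one-line comment saying that this is intended would make the omission of `default_backend` read as deliberate.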