A question on configuring an explicit proxy with more than one listening port

Forum|Forum|5 years ago
July 6, 2020
1 reply
4008 views

I have a need to configure an explicit proxy that is listening on both port 80 and 8080 on a single interface. I see that I can specify a range in both the GUI and CLI. But I want to confirm if there is any method to configure two separate ports in this way? Thank you.

localhost

Visitor III

Looks like you only can assign ip ranges, no separate ports.

CLI:

FW1 (explicit) # set http-incoming-port ?
Syntax:    <port_low>[-<port_high>]
port_low:     Lower value of the port
port_high:    Higher value of the port
Note:         <port_high> can be omitted
              if <port_low> equals to <port_high>

You could bind your explicit proxy to a loopback interface and than configure port forwarding with a VIP from your network to this loopback interface.

emnoc

New Member

That's exactly how we do it via loopbacks . And then you set controls per each ipv4 address. I wrote about this here a few years back

http://socpuppet.blogspot.com/2017/08/fortigate-explicit-proxy-with.html

make sure you heed the warning about rules id and authentication

Ken Felix

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded