Hosting multiple Public URLs on a external interface IP on Fortigate

Forum|Forum|1 year ago
March 24, 2025
1 reply
1314 views

I am trying to host multiple Application URLs on Fortigate's external interface public IP... can i configure it using Virtual IPs ? i need to use single public IP with same listener.

If i create as follows will it work ?

1) website1@abc.com as virtual IP1 and website2@def.com as virtual IP2 with both of them having same external public ip and same port

2) create 2 policy for each website and tag certificate via ssl-inspection

any help is appreciated.

FortiGate

AEK

SuperUser

Check this link.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Setting-up-a-VIP-load-balance-with-HTTP-host-check/ta-p/198274

In summary you can do it but you can't use one firewall rule for each server, since the firewall rule must have the VS object as destination.

For advanced features like that you need a dedicated WAF like FortiWeb.

AEK

lostboy10Author

Explorer

thanks for the link.. is it possible to do such configuration when hosting different urls on the same external ip but both with different named certificates ?

AEK

SuperUser

If you use same IP and same port (e.g.: 443) then it seems not possible with FG.

Either use another port (e.g.: 8443 for the second) or use a SSL certificate with multiple alternate names (or wildcard).

AEK

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded