se7
Visitor III
March 4, 2025
Solved

Make a VIP based on DNS trying to simulate a reverse proxy?


Is it possible to make the Fortigate route traffic in this way:

External DNS pointing to FortiGate public IP > FortiGate external interface > route the traffic based on DNS to an internal IP ONLY if it matches the requested DNS?

Example using other DNS names:

google.com > 8.8.8.8 (FortiGate external IP) > 192.168.1.200 (internal system)

Essentially asking if the FortiGate can serve the same purpose as a reverse proxy which checks source packets trying to match DNS and redirect to a local server.

I hope I explained it in an understandable way, and thanks in advance.

Best answer by funkylicious

Hi,

Something like what you are describing is documented here: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Setting-up-a-VIP-load-balance-with-HTTP-host-check/ta-p/198274

1 reply

funkylicious
SuperUser
March 4, 2025
"jack of all trades, master of none"
se7
Author
Visitor III
March 4, 2025

This was exactly what I was looking for. A big bummer that the 60F doesn't support proxy inspection mode; is it possible to bypass this restriction by using another method, or am I completely out of luck regarding this?


Thanks in advance

funkylicious
SuperUser
March 4, 2025

Downgrade to something lower than 7.4.4, when the proxy inspection was eliminated on appliances with 2GB RAM :<

"jack of all trades, master of none"