Skip to main content
kliew
kliew
New Member
March 19, 2007
Question

Policy route to redirect http/https traffic

  • March 19, 2007
  • 5 replies
  • 7483 views
My Fortigate policy route skills are not that great so hopefully someone can point me in the right direction... Basically I want to redirect all tcp port 80 and 443 traffic thru an internal ISA firewall rather than force every user to use Proxy settings on their browser. FG' s internal IP: 192.168.100.254 / 24 ISA' s internal IP: 192.168.100.9 / 24 PC' s internal IP range 192.168.100.x / 24 To apply a policy route like that (if its possible in the first place) do I need to add another default static route for all 0.0.0.0 traffic out via interface internal 192.168.100.9 as well?

    5 replies

    doshbass
    doshbass
    New Member
    March 20, 2007
    This is a nice easy one. Go to route = static = policy route Selext the ip protocol (6 = TCP I think), the incoming interface and select the destination ports (443 and 80) Then select next hop to be teh IP address of your ISA. This will redirect all http and https traffic to your ISA box. Jon
    A
    Anonymous_User
    Contributor
    March 20, 2007
    And static route how lock ? I serch a link with a example. I find this but , I want a example with routing static and policy routing.
    doshbass
    doshbass
    New Member
    March 20, 2007
    No need for a route on the fortigate, the next hop becomes the route, All traffic matching the policy will get forwarded to teh ISA
    A
    Anonymous_User
    Contributor
    March 20, 2007
    I have this configuration WAN1 ISP1 WAN2 ISP2 LAN 192.168.0.0 Static route its all trafic on wan1 I want to redirect trafic http on wan2 Its necesary to add a new rout to exit on wan2, and it' necesary to make firewall policy ?
    A
    Anonymous_User
    Contributor
    March 20, 2007
    Static route its all trafic on wan1
    Ok.
    I want to redirect trafic http on wan2
    This would be your only policy route
    Its necesary to add a new rout to exit on wan2, and it' necesary to make firewall policy ?
    Yes. Configure ' normally' , just using wan1 for all traffic. If this works, take step 2 (establish policy route for your http traffic and write a firewall policy matching this traffic) *have a lot of fun*
    Terms & ConditionsAccessibility statement