Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
dgcook
New Contributor

Created on ‎07-06-2020 07:26 AM

A question on configuring an explicit proxy with more than one listening port

I have a need to configure an explicit proxy that is listening on both port 80 and 8080 on a single interface. I see that I can specify a range in both the GUI and CLI. But I want to confirm if there is any method to configure two separate ports in this way? Thank you.

3320
0 Kudos
2 REPLIES 2
localhost
Contributor III

Created on ‎07-06-2020 07:57 AM

Looks like you only can assign ip ranges, no separate ports.

 

CLI:

FW1 (explicit) # set http-incoming-port ?
Syntax:    <port_low>[-<port_high>]
port_low:     Lower value of the port
port_high:    Higher value of the port
Note:         <port_high> can be omitted
              if <port_low> equals to <port_high>

 

 

You could bind your explicit proxy to a loopback interface and than configure port forwarding with a VIP from your network to this loopback interface.

2447
0 Kudos
emnoc
Esteemed Contributor III
In response to localhost

Created on ‎07-06-2020 09:56 AM

That's exactly how we do it via loopbacks . And then you set controls per each ipv4 address. I wrote about this here a few years back

 

http://socpuppet.blogspot.com/2017/08/fortigate-explicit-proxy-with.html

 

make sure you heed the warning about rules id and authentication

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
2447
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.