Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Duy2003
New Contributor III

Created on ‎02-18-2025 07:05 PM

Configure VIP for Application on FortiADC

Dear Team,
In my system, I am using an app service. This app has 2 NAT ports to the outside, port 4432 (used to encrypt HTTPS links) and port 802 (used to get HTTP app data). But the main protocol used is L7/TCP for the app api to work, it cannot use Profile HTTPS or HTTP. Is there a way for me to use L7/TCP and still configure content routing for port 802 and 4432?

Labels:
161
0 Kudos
3 REPLIES 3
Jean-Philippe_P
Moderator
Moderator

Created on ‎02-21-2025 05:43 AM

Hello Duy2003, 

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks, 

Jean-Philippe - Fortinet Community Team
119
0 Kudos
Jean-Philippe_P
Moderator
Moderator

Created on ‎02-24-2025 02:17 AM

Hello,

 

We are still looking for an answer to your question.

 

We will come back to you ASAP.

 

Thanks,

Jean-Philippe - Fortinet Community Team
95
Jean-Philippe_P
Moderator
Moderator

Created on ‎02-25-2025 12:32 AM

Hello Duy2003,

 

Can you tell me if the following steps fix the issue?

 

To configure content routing for ports 802 and 4432 using L7/TCP on FortiADC, follow these steps:

 

1. Create a Custom Application Profile:

- Navigate to the application profiles section in FortiADC.

- Create a new custom application profile with the type set to TCP.

- This profile will allow you to handle L7/TCP traffic without using standard HTTP or HTTPS profiles.

 

2. Configure Virtual Server:

- Set up a virtual server to listen on ports 802 and 4432.

- Assign the custom TCP application profile to this virtual server.

 

3. Set Up Content Routing:

- Define content routing policies based on your requirements.

- Since you are using L7/TCP, you may need to use other criteria for routing decisions, such as source IP or other TCP header information, as HTTP headers won't be available.

 

4. Assign Content Routing Policies:

Apply the content routing policies to the virtual server configured for ports 802 and 4432.

 

5. Test Configuration:

Ensure that the configuration is working as expected by testing the application traffic through the FortiADC. By following these steps, you can use L7/TCP for your application while still implementing content routing for the specified ports.

 

Hope this helps!

Jean-Philippe - Fortinet Community Team
79
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.