Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Philippe_ASTIER
New Contributor

Fortigate : URL rewriting ?

Hi all,

 

I have my Fortigate (61E running 6.2.3) with dual-wan for a while, and a few external services : SMTP, IMAP, HTTPS. Up until now, I've been using virtual IPs to redirect the traffic to the relevant servers, hence purely based on ports, as each of this service was hosted on a single server.

 

In fact, I already serve multiple DNS entries for HTTPS, but this is all sorted by Apache Virtual Hosts on the same server.

 

Now, I would like to run HTTPS from 2 or 3 different VMs, for different external DNS entries, of course using the same external IPs of my 2 WAN connections. I can remember some firmware before 6.x where this could be done. Now I really don't see how to achieve that in 6.2.3.

 

I'm going through the Cookbook, looking at Virtual Servers for example, but I can not see a way to redirect traffic to the right server based on the URL used. This seems to be available in Fortiweb though...

 

Any suggestion is more than welcome !!!

3 REPLIES 3
James_G
Contributor III

FortiADC is probably the best product for you, I don't remember Fortigate ever being able to do this

localhost

I think you are looking for Host based redirection not URL rewriting. This is possible in 6.0, should be still possible in 6.2 I guess:

 

https://docs.fortinet.com/document/fortigate/6.0.0/handbook/824987/http-host-based-load-balancing

 

For any other more advanced L7 functionality you'll need a FortiADC or FortiWeb.

Philippe_ASTIER

I think this is what I was looking for, I will have a try.

 

Moving the documentation from "handbook" to "cookbooks" has not really helped in reading the documentation....

 

localhost wrote:

I think you are looking for Host based redirection not URL rewriting. This is possible in 6.0, should be still possible in 6.2 I guess:

 

https://docs.fortinet.com/document/fortigate/6.0.0/handbook/824987/http-host-based-load-balancing

 

For any other more advanced L7 functionality you'll need a FortiADC or FortiWeb.

Top Kudoed Authors