Hosting multiple Public URLs on a external interface IP on Fortigate

lostboy10 · ‎03-23-2025

I am trying to host multiple Application URLs on Fortigate's external interface public IP... can i configure it using Virtual IPs ? i need to use single public IP with same listener.

If i create as follows will it work ?

1) website1@abc.com as virtual IP1 and website2@def.com as virtual IP2 with both of them having same external public ip and same port

2) create 2 policy for each website and tag certificate via ssl-inspection

any help is appreciated.

AEK · ‎03-24-2025

Check this link.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Setting-up-a-VIP-load-balance-with-HTTP-ho...

In summary you can do it but you can't use one firewall rule for each server, since the firewall rule must have the VS object as destination.

For advanced features like that you need a dedicated WAF like FortiWeb.

AEK

lostboy10 · ‎03-24-2025

thanks for the link.. is it possible to do such configuration when hosting different urls on the same external ip but both with different named certificates ?

AEK · ‎03-24-2025

If you use same IP and same port (e.g.: 443) then it seems not possible with FG.

Either use another port (e.g.: 8443 for the second) or use a SSL certificate with multiple alternate names (or wildcard).

AEK

dingjerry_FTNT · ‎03-24-2025

Hi @lostboy10 ,

FGT may not be working for your scenario. You may need FortiWeb.

Regards,

Jerry

Hosting multiple Public URLs on a external interface IP on Fortigate

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website