Hi,
Does anyone can give me a guide on how to configure Fortiweb on one-arm reverse proxy mode? And also how to configure the router to support this deployment mode? (I'm not using Fortigate)
Thanks.
Best regards,
Hengky
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
hi,
is there any tips VIP is not forwarding the Http traffic to the server pool?
Hi
1. on router set forward port to Virtual IP on Fortiweb
2. on Fortiweb
- create Virtual IP same as 1.
- create policy mapping Virtual IP to webserver
- verify policy go to fortiview -> policy status
- go to monitor you will see attack event and other
Dears,
What about the configuration in Fortigate?
Thanks.
on fortiweb:
connect your fortiweb to your router or fortigate via layer3 connection and set specific ip/subnet for example 192.168.10.0/24
set one of ip in this range to fortigate or router , for example port2 192.168.10.1/24
set another ip from this rane to your fortiweb , for example port1 192.168.10.2/24
then use another ip of this range to configure your VIRTUAL SERVER on your fortiweb :192.168.10.3-192.168.10.4
make sure that fortiweb sees back-end server and exist route on your fortiweb
you can use execute ping <Physical_Server_IP_address> to understand it.
...
on your fortigate and router
route HTTP and HTTPS traffic to fortiweb
fortiweb will change source ip of packets , and all of http/s traffic will be send to back-end web server by fortiweb ip address
then use x-forwarded-for to add specific header . x-forwarded-for will send client ip address to back-end server
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1645 | |
1070 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.