Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AlexR2
New Contributor

Switching from Sophos need some info on Virtual Servers and Lets Encrypt

Hello Everyone,

 

I am considering switching from Sophos and trying to make sure I have matching capabilities. I have a number of internal web servers for which I would like a reverse proxy with HTTPS (and ideally basic authentication). I also would like to be able to use Lets Encrypt certs for these proxies. My questions are

 

After posting my question (below) I kept reading docs and it appears Virtual Servers are not exactly what I though but rather simple load balancers without ability to change protocol or map urls or I am missing something. The only reference I found is in Network/NAT/Virtual Server Load Balancing

 

  1. Are Virtual Server supported on FortiGate with 2G of ram (considering 50G) or they are related to proxy functionality which is not supported and require 70F or 90G?
  2. I understand WAF is not supported for 2G servers what's its relationship with Virtual Servers?
  3. Can Virtual Servers be on internal network without public IP/DNS?
  4. Can I use Lets Encrypt with such virtual servers (no public IP/DNS) and how would Lets Encrypt be provisioned. With Sophos I had a total flexibility to enter cert info including multiple subject alternative names and then assign them to my virtual servers. Limited docs that I read on FortiGate seem to imply that SAN is hardcoded to fortigate domain
  5. Can I have multiple such servers as long as they have different IP/Port
  6. Are FortiGate Virtual Servers similar to Sophos (reverse proxies with inspections) and will do the job for me or I should be looking at FortiGate Proxies instead
  7. If I need to use Proxies, do they support LetsEncrypt certs? 

Any input is greatly appreciated

 

Thank you,

Alex

1 REPLY 1
khairka9
New Contributor

That is likely the frustration amongst users. I think most would appreciate a YES, NO, or some firm roadmap with respect to Lets Encrypt. Considering the popular requests, an "official" statement from Sophos on the topic would be helpful so the customer can plan ahead https://tutuapp.uno/ . Thanks.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors