Hello,
I have a small problem but I didn't find a solution here. (I´m not expert)
I have two domains eg "one.domainname.com" and "two.domainname.com"
Both are routed to the internal network via 2 separate policies and two virtual IPs to two different IIS servers with two different internal addresses:
one.domainname.com -> 172.10.1.2 (VIP dest1)
two.domainname.com -> 172.10.1.3 (VIP dest2)
But on the same SSL port 443
VIPs are set:
WAN IP -> 172.10.1.2 with port forwarding "one to one" 443->443 (the second is the same only with a different IP address and name)
There are one policy for each VIP:
Outside int->Inside int
Source ALL, Destination dest1 (dest2 for second policy), Service ALL, SSL certificate inspection
The SSL port of the firewall is changed to different
If I enter "one.domainname.com" from the outside, the page from the internal IIS server 172.10.1.2 opens normally, but if I enter "two.domainname.com", I don't get to it, because it is not directed to the correct server, but instead to 172.10.1.3 it is still routed to 172.10.1.2 where it is not.
When I had both websites on the same server, there was no problem, but now it had to change and I don't know how to do it - so far I have set routing via port (for dest2 I changed the external port and added it to the address) and at that moment it correctly opens two.domainname.com from server 172.10.1.3 (instead of trying from .2).
How to solve this, so that I don't have to have a port in the address and traffic is routed correctly?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I don't think the VIP is aware of the domain name? IMHO this isn't possible without using a different public IP or a different port.
Hi @Martasss ,
I think for this you can use virtual server feature and play with HTTP host header..
Check this if that helps: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Setting-up-a-VIP-load-balance-with-HTTP-ho...
Abdel
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1645 | |
1070 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.