Is it possible to make fortigate act like GoDaddy for web hosting
Let's say we have public IP 102.3.4.5 and we have some websites and we want our customers to access them via HTTP and HTTPS
contoso.com 192.168.1.10
contoso.net 192.168.1.10
contoso.org 192.168.1.11
Hello,
You may consider to configure VIP or virtual server. Please find the details by following the link below:
https://docs.fortinet.com/document/fortigate/6.2.12/cookbook/713497/virtual-server
You can look at setting up a Server Load Balance VIP using HTTP Host load balancing method:
It works with HTTP only, but for HTTPS only one certificate is allowed for virtual server
You can use wildcard or SAN on the certificate.
or get a purpose-built WAF or ADC that does this functionality.
Hey frankben,
to clarify:
- are you looking for the FortiGate to own the public IP (102.3.4.5 in your example) and provide access to a server (websites) behind it via HTTP/HTTPS? And the servers are actually on 192.168.1.x IPs?
and/or
- are you looking for the FortiGate to tell everyone that the URL (contoso.com) resolves to 102.3.4.5?
If the first, then see the responses by my colleagues; yes, the FortiGate can receive traffic for a public IP, translate it to private, and make websites/etc available from Internet that way.
If the second, no - you would still need a domain provider like GoDaddy or other (Dyn)DNS services to tell everyone that 'contoso.com' translates to 102.3.4.5; the FortiGate only comes into play when traffic hits the public IP, it's not a domain provider itself.
Hi Debbie
What I want is to host multiple website through fortigate public IP 102.3.4.5
contoso.com 192.168.1.10
amazon.com 192.168.1.10
facebook.com 192.168.1.11
I was able to achieve that for HTTP only, but one I choose HTTPS in VIP then I have to upload a certificate which will not work with different domains
As mentioned in my reply a week ago, you need a wildcard certificate or a certificate with multiple SANs. Fortigate will not select individual certificates for you based on hostname. If you want this functionality you should use a purpose-built appliance such as FortiWeb or FortiADC.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.