Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
frankben
New Contributor

Web hosting like GoDaddy

 

Is it possible to make fortigate act like GoDaddy for web hosting

 

Let's say we have public IP 102.3.4.5 and we have some websites and we want our customers to access them via HTTP and HTTPS

 

contoso.com 192.168.1.10
contoso.net 192.168.1.10
contoso.org 192.168.1.11

7 REPLIES 7
abarushka
Staff
Staff

Hello,

 

You may consider to configure VIP or virtual server. Please find the details by following the link below:

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Virtual-IP-VIP-port-forwarding-configurati...

https://docs.fortinet.com/document/fortigate/6.2.12/cookbook/713497/virtual-server

FortiGate
gfleming
Staff
Staff

You can look at setting up a Server Load Balance VIP using HTTP Host load balancing method:

https://docs.fortinet.com/document/fortigate/7.2.3/administration-guide/713497/virtual-server-load-b...

Cheers,
Graham
frankben
New Contributor

It works with HTTP only, but for HTTPS only one certificate is allowed for virtual server

gfleming

You can use wildcard or SAN on the certificate.

 

or get a purpose-built WAF or ADC that does this functionality. 

Cheers,
Graham
Debbie_FTNT
Staff
Staff

Hey frankben,

 

to clarify:

- are you looking for the FortiGate to own the public IP (102.3.4.5 in your example) and provide access to a server (websites) behind it via HTTP/HTTPS? And the servers are actually on 192.168.1.x IPs?

and/or

- are you looking for the FortiGate to tell everyone that the URL (contoso.com) resolves to 102.3.4.5?

 

If the first, then see the responses by my colleagues; yes, the FortiGate can receive traffic for a public IP, translate it to private, and make websites/etc available from Internet that way.

If the second, no - you would still need a domain provider like GoDaddy or other (Dyn)DNS services to tell everyone that 'contoso.com' translates to 102.3.4.5; the FortiGate only comes into play when traffic hits the public IP, it's not a domain provider itself.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
frankben

Hi Debbie

 

What I want is to host multiple website through fortigate public IP 102.3.4.5

 

contoso.com 192.168.1.10
amazon.com 192.168.1.10
facebook.com 192.168.1.11

 

I was able to achieve that for HTTP only, but one I choose HTTPS in VIP then I have to upload a certificate which will not work with different domains

gfleming

As mentioned in my reply a week ago, you need a wildcard certificate or a certificate with multiple SANs. Fortigate will not select individual certificates for you based on hostname. If you want this functionality you should use a purpose-built appliance such as FortiWeb or FortiADC.

Cheers,
Graham
Labels
Top Kudoed Authors