Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
sdi
New Contributor

virtual ip with http host detection?

Hi,

 

can you point me into the right steps how to implement the following: internet -> webserver1.intra.myintradomain.com -> goes to: 10.0.1.150:80

internet -> webserver2.intra.myintra.domain.com -> goes to: 10.0.1.160:80

 

So I would like to implement above. I know how to just map all traffic from an external port (let's say 80) to ONE SAME internal host, let's say: 10.0.1.200.

 

But how do I map traffic analyzing the FQDN (webserver1. etc...) to an internal ip? I don't have such an option unter Policy&Objects/VirtualIP's.

 

Thank you.

7 REPLIES 7
Toshi_Esumi
SuperUser
SuperUser

I'm not sure if this answers to your question. But have you searched and found like this?

https://docs.fortinet.com...s-with-port-forwarding

sdi

Hi, no your link is something different. That's port forwarding.

Toshi_Esumi

If you're looking for using FQDN on mapped-ips, you can use type. But I'm still not sure what exactly you want to do.

https://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-firewall/Object%20Configuration/Virt...

 

sdi

I would like to access two different internal Webservers on two different internal Ip's. over one public IP. let's say: webserver1.internal and webserver2. internal
Toshi_Esumi

That's not going to work, because both are the same port 80 or 443 access at the one public IP. The FGT's VIP doesn't look inside of HTTP/HTTPS data packets to look for the URL it's trying to reach.

sdi

it should work. it does on sophos Utms and on checkpoint appliances. should work with fortinet as well. probably doing a reverse proxy and lb. I was hoping to get some help here. I guess I will have to open a ticket.
Markus
Valued Contributor

This is not possible with Fortigate. You need two public IPs/Vips if you have 2 Webserver on same port.


________________________________________________________
--- NSE 4 ---
________________________________________________________

________________________________________________________--- NSE 4 ---________________________________________________________
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors