Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Micheal
New Contributor

Server Load Balancing - Redirect http-to-https

Hi All,

 

We want to migrate our websites from Riverbed Load Balancer, to the Fortigate 3000D Firewall.

The PoC website is configured and calling the website on https is working correctly, example: https://lnbpoc.example.com, but we want http://lnbpoc.example.com to redirect to https://lnbpoc.example.com.

 

Using the Load Balance feature with, virtual server to real server setup.

 

Is this possible on the Fortigate 3000D?

 

Kind Regards,

Micheal

5 REPLIES 5
Markus
Valued Contributor

Hi Micheal As i know, this is not possible. You have to do this on the webserver. Best regards,

Markus


________________________________________________________
--- NSE 4 ---
________________________________________________________

________________________________________________________--- NSE 4 ---________________________________________________________
PaulW
New Contributor

Hi all,

 

I'm trying the same things as Micheal on a 800C.

You say do this on the webserver itself, and in my case it's done but not working.

What did my service provider is:

 

Untrust-> Virtual Server (services HTTP and HTTPS)

Virtual server conf: Public IP and Virtual Server port 443

Real server conf: Private IP port 443

 

I cannot create another Real server with the same IP and port 80.

 

Any idea?

Thanks Paul

Markus
Valued Contributor

Hi Paul Seems that this is depended on the Firmware. With my 60E on 5.6.3 this is possible (more than one virtual Server with same IP and different ports).

Or maybe there is a (same) Virtual IP with existing Portforwarding configured? Best regards,

Markus


________________________________________________________
--- NSE 4 ---
________________________________________________________

________________________________________________________--- NSE 4 ---________________________________________________________
rwpatterson
Valued Contributor III

please disregard

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
DW_FTNT

HTTP to HTTPS redirect was added to 6.2.1 Code   you can terminate 443 on the fortigate or just pass 443 all the way to the server. This link shows how to terminate/offload 443 on the fortigate https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/304594/http-to-https-redirect-for-load-b... here is a link to offloading https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-load-balancing-52/ldb-ssl-tls-offloa...     if you want to just pass 443 to the server and not terminate the session on the fortigate edit the vip "virtual-server-https" --->  set server-type tcp   you can  redirect other ports like 8080  using http edit "virtual-server-http"     set extport 80 to    set extport 8080     be sure to use proxy mode

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors