Hot!virtual ip with http host detection?

Author
sdi
New Member
  • Total Posts : 8
  • Scores: 0
  • Reward points: 0
  • Joined: 2017/08/06 09:18:55
  • Status: offline
2020/07/13 08:11:13 (permalink)
0

virtual ip with http host detection?

Hi,
 
can you point me into the right steps how to implement the following:

internet -> webserver1.intra.myintradomain.com -> goes to: 10.0.1.150:80
internet -> webserver2.intra.myintra.domain.com -> goes to: 10.0.1.160:80
 
So I would like to implement above. I know how to just map all traffic from an external port (let's say 80) to ONE SAME internal host, let's say: 10.0.1.200.
 
But how do I map traffic analyzing the FQDN (webserver1. etc...) to an internal ip?
I don't have such an option unter Policy&Objects/VirtualIP's.
 
Thank you.
#1

7 Replies Related Threads

    Toshi Esumi
    Expert Member
    • Total Posts : 2177
    • Scores: 213
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: virtual ip with http host detection? 2020/07/13 09:23:07 (permalink)
    0
    I'm not sure if this answers to your question. But have you searched and found like this?
    https://docs.fortinet.com...s-with-port-forwarding
    #2
    sdi
    New Member
    • Total Posts : 8
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/08/06 09:18:55
    • Status: offline
    Re: virtual ip with http host detection? 2020/07/13 09:47:49 (permalink)
    0
    Hi, no your link is something different. That's port forwarding.
    #3
    Toshi Esumi
    Expert Member
    • Total Posts : 2177
    • Scores: 213
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: virtual ip with http host detection? 2020/07/13 09:58:40 (permalink)
    0
    If you're looking for using FQDN on mapped-ips, you can use type. But I'm still not sure what exactly you want to do.
    https://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-firewall/Object%20Configuration/Virtual%20IPs/FQDN%20in%20VIPs.htm
     
    #4
    sdi
    New Member
    • Total Posts : 8
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/08/06 09:18:55
    • Status: offline
    Re: virtual ip with http host detection? 2020/07/13 10:35:57 (permalink)
    0
    I would like to access two different internal Webservers on two different internal Ip's. over one public IP.

    let's say:
    webserver1.internal
    and webserver2. internal
    #5
    Toshi Esumi
    Expert Member
    • Total Posts : 2177
    • Scores: 213
    • Reward points: 0
    • Joined: 2014/11/06 09:56:42
    • Status: offline
    Re: virtual ip with http host detection? 2020/07/13 10:42:29 (permalink)
    0
    That's not going to work, because both are the same port 80 or 443 access at the one public IP. The FGT's VIP doesn't look inside of HTTP/HTTPS data packets to look for the URL it's trying to reach.
    #6
    sdi
    New Member
    • Total Posts : 8
    • Scores: 0
    • Reward points: 0
    • Joined: 2017/08/06 09:18:55
    • Status: offline
    Re: virtual ip with http host detection? 2020/07/13 11:13:10 (permalink)
    0
    it should work. it does on sophos Utms and on checkpoint appliances.

    should work with fortinet as well.

    probably doing a reverse proxy and lb.

    I was hoping to get some help here.
    I guess I will have to open a ticket.
    #7
    Markus
    Platinum Member
    • Total Posts : 242
    • Scores: 38
    • Reward points: 0
    • Joined: 2015/03/19 07:30:23
    • Location: Switzerland
    • Status: offline
    Re: virtual ip with http host detection? 2020/07/14 00:07:02 (permalink)
    0
    This is not possible with Fortigate. You need two public IPs/Vips if you have 2 Webserver on same port.
    #8
    Jump to:
    © 2020 APG vNext Commercial Version 5.5