• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 687
  • Last Modified:

Fortigate Request Filter By Domain

Hello Experts

I have a fortigate 80c model and i want to manage two domains on that same router.
The two domains will have web servers,
And i want to know, is there any way to filter web request that came into the router by domain name instead of IP addresses?

Thank you.
0
IT_Group1
Asked:
IT_Group1
  • 3
  • 2
1 Solution
 
myramuCommented:
Hello,

Could you please explain bit more clear?
Do you want to route the traffic based on domain name like in apache (Only one public IP required)?

0
 
IT_Group1Author Commented:
Hi myramu

Exactly what you wrote i have one public IP that i want to assign to a new domain,
and i want that the fortigate will have the option to filter web based request by domain name.

is this possible ?
0
 
myramuCommented:
It is not possible to route the traffic based on domain like in apache with a single IP address. FortiGate destination nat (VIP) just looks for IP address and port.

You can host the websites on different ports and use port forwarding or use apache server internally.

0
 
IT_Group1Author Commented:
Hi myramu

i forgot to Mention that i will assign a wildcard SSL certificate to the new domain,
and i need the web requests to be secured (port 443).
i know that i will have to use the VIP to port fwd the request,
what i am asking is will i be able to answer the requests with one web server (Apache)
and one dns server that will hold ALL of the sub domains ?

can you point me to the right configuration ?

thank you.
0
 
myramuCommented:
Yes, it is possible. Just you need to configure the DNS to point to the right IP address and FortiGate will forward to the internal apache server.

Refer the following article sto configure VIP on FortiGate:
http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=FD30904
http://kb.fortinet.com/kb/microsites/search.do?cmd=displayKC&docType=kc&externalId=11765

Good Luck!
0

Featured Post

Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now