I wrote this step by step walkthrough as an answer for the forum.fortinet.com here https://forum.fortinet.com/FindPost/183028 . This example uses Fortiweb 6.2.2 but the configuration is valid at least starting with 5.x.
Problem: You want to route user requests according to the URL they are trying to access. When a user enters http://example.com/server1 you want her to be routed to the server1 (10.10.10.10) and port 22. And when she enters http://example.com/server2, you want her to reach server2 (10.10.10.15) on port 3030.
Solution: Create Content Routing Policy with 2 rules, each using regex to match the URL in the HTTP request and route to the appropriate server pool.
Now the configuation:
- Create usual VIP representing the external IP of the domain example.com, here it is 18.104.22.168:
- Create Virtual Server using the above VIP:
- Create 2 physical servers, for each server in a farm using ports 22 and 3030 accordingly, here server1 is 10.10.10.10 port 22 and server2 is 10.10.10.15 port 3030:
- Now, to the HTTP Content Routing. Here we define parameters to route to different servers by. To do so we create 2 policies – first matching “server1” in URL (and route to server 1 10.10.10.10 by using it in the Server Pool menu), and the 2nd matching “server2”:
And for the 2nd server:
- Finally, we tie all this together in the Server Policy of type HTTP Content Routing:
The CLI commands of the above configuration are:
config server-policy vserver edit "forum-fortinet-vserver" config vip-list edit 1 set vip forum-ftnt-VIP next end next end config server-policy server-pool edit "forum-ftnt-srv1" set flag 1 set server-pool-id 6459952352137344822 config pserver-list edit 1 set ip 10.10.10.10 set port 22 set server-id 383198561119413223 next end next edit "forum-ftnt-srv2" set flag 1 set server-pool-id 2056232527958881701 config pserver-list edit 1 set ip 10.10.10.15 set port 3030 set server-id 15928736989441525913 next end next end config server-policy http-content-routing-policy edit "forum-ftnt-to-srv1-port22" set server-pool forum-ftnt-srv1 set http-content-routing-id 14533533740472441776 config content-routing-match-list edit 1 set match-object http-request set match-condition match-reg set match-expression server1 next end next edit "forum-ftnt-to-srv2-port3030" set server-pool forum-ftnt-srv2 set http-content-routing-id 9634759790203390436 config content-routing-match-list edit 1 set match-object http-request set match-condition match-reg set match-expression server2 next end next end config server-policy policy edit "forum-ftnt-tosrv1-srv2" set deployment-mode http-content-routing set vserver forum-fortinet-vserver set service HTTP set replacemsg Predefined set policy-id 12611187490543522760 config http-content-routing-list edit 1 set content-routing-policy-name forum-ftnt-to-srv1-port22 set profile-inherit enable next edit 2 set content-routing-policy-name forum-ftnt-to-srv2-port3030 set profile-inherit enable next end next end
Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin, Github, blog, and more.