Fortiweb Cookbook: content routing based on URL configuration example
I wrote this step by step walkthrough as an answer for the forum.fortinet.com here https://forum.fortinet.com/FindPost/183028 . This example uses Fortiweb 6.2.2 but the configuration is valid at least starting with 5.x.
Problem: You want to route user requests according to the URL they are trying to access. When a user enters http://example.com/server1 you want her to be routed to the server1 (10.10.10.10) and port 22. And when she enters http://example.com/server2, you want her to reach server2 (10.10.10.15) on port 3030.
Solution: Create Content Routing Policy with 2 rules, each using regex to match the URL in the HTTP request and route to the appropriate server pool.
Now the configuation:
- Create usual VIP representing the external IP of the domain example.com, here it is 15.15.15.15:
- Create Virtual Server using the above VIP:
- Create 2 physical servers, for each server in a farm using ports 22 and 3030 accordingly, here server1 is 10.10.10.10 port 22 and server2 is 10.10.10.15 port 3030:
- Now, to the HTTP Content Routing. Here we define parameters to route to different servers by. To do so we create 2 policies – first matching “server1” in URL (and route to server 1 10.10.10.10 by using it in the Server Pool menu), and the 2nd matching “server2”:
And for the 2nd server:
- Finally, we tie all this together in the Server Policy of type HTTP Content Routing:
The CLI commands of the above configuration are:
config server-policy vserver
edit "forum-fortinet-vserver"
config vip-list
edit 1
set vip forum-ftnt-VIP
next
end
next
end
config server-policy server-pool
edit "forum-ftnt-srv1"
set flag 1
set server-pool-id 6459952352137344822
config pserver-list
edit 1
set ip 10.10.10.10
set port 22
set server-id 383198561119413223
next
end
next
edit "forum-ftnt-srv2"
set flag 1
set server-pool-id 2056232527958881701
config pserver-list
edit 1
set ip 10.10.10.15
set port 3030
set server-id 15928736989441525913
next
end
next
end
config server-policy http-content-routing-policy
edit "forum-ftnt-to-srv1-port22"
set server-pool forum-ftnt-srv1
set http-content-routing-id 14533533740472441776
config content-routing-match-list
edit 1
set match-object http-request
set match-condition match-reg
set match-expression server1
next
end
next
edit "forum-ftnt-to-srv2-port3030"
set server-pool forum-ftnt-srv2
set http-content-routing-id 9634759790203390436
config content-routing-match-list
edit 1
set match-object http-request
set match-condition match-reg
set match-expression server2
next
end
next
end
config server-policy policy
edit "forum-ftnt-tosrv1-srv2"
set deployment-mode http-content-routing
set vserver forum-fortinet-vserver
set service HTTP
set replacemsg Predefined
set policy-id 12611187490543522760
config http-content-routing-list
edit 1
set content-routing-policy-name forum-ftnt-to-srv1-port22
set profile-inherit enable
next
edit 2
set content-routing-policy-name forum-ftnt-to-srv2-port3030
set profile-inherit enable
next
end
next
end
Follow me on https://www.linkedin.com/in/yurislobodyanyuk/ not to miss what I publish on Linkedin, Github, blog, and more.