Fortinet 5.0 Patch 6 Defining your proxies, clients, & X-headers

Fortinet 266 FortiWeb 5.0 Patch 6 Administration Guide

alias. When configuring FortiWeb, each web server was defined using its DNS alias, rather than

its IP address:

• www1.example.com — Hosts www.example.com, plus all other host names’ content, in

case the other web servers fail or have scheduled down time

• www2.example.com — Hosts www.example.de

• www3.example.com — Hosts www.example.cn & www.example.co.jp

While public DNS servers all resolve these aliases to the same IP address — FortiWeb’s virtual

server — your private DNS server resolves these DNS names to separate IPs on your private

network: the back-end web servers.

• www1.example.com — Resolves to 192.168.0.1

• www2.example.com — Resolves to 192.168.0.2

• www3.example.com — Resolves to 192.168.0.3

In this case, you would configure HTTP content routing so FortiWeb routes requests from clients

based upon the original Host: field in the HTTP header to the appropriate DNS alias. The

destination back-end web server would be determined at request time using server health

check statuses, as well private network DNS to resolve the DNS alias into its current private

network IP address:

• http://www.example.com/ — Routes to www1.example.com

• http://www.example.de/ — Routes to www2.example.com, unless that web server is down,

in which case those requests will be routed to www1.example.com

• http://www.example.cn/ & http://www.example.co.jp/ — Routes to www3.example.com,

unless that web server is down, in which case those requests would be routed to

www1.example.com

If necessary to maintain HTTP session continuity for web applications, you would also configure

Host: name and hyperlink rewriting so that subsequent requests from the client would be

forwarded to the same back-end web server.