Static NAT to two servers using same port
Hello team.
I have an office with a single public IP address. I have two servers inside with the same port (192.168.1.100:443 and 192.168.1.200:443).
I need to do natting (port forwarding) using port 443 to two different servers from the outside public interface.
So I created two SNAT rules:
78.x.x.130 --> 192.168.1.100:443
78.x.x.130 --> 192.168.1.200:443
I created two Policies:
From: AnyExternal
Src Port: Any
To: 78.x.x.130
Dst Port: tcp:443

From: AnyExternal
Src Port: tcp: 8443
To: 78.x.x.130
Dst Port: tcp:443
But it matches only the first rule. What am I doing wrong in your opinion?
Thanks a lot.
Comments
For the second server, you need to first create a new custom policy for port TCP 8443.

Then a S.NAT policy where “Set internal port to different port” is 443

The inbound policies should look like this.

To connect to the first srv, the address is: https://78.x.x.13
and when connecting to the second srv the address is: https://78.x.x.13:8443
Thank you.
I hadn't changed the port in the policy to 8443.
An option for having more than 1 internal web site using a single public IP addr is using an HTTPS proxy: use an HTTPS Server proxy action, and you can specify Domain Name and route based on the domain name in the URL.
See the Routing Actions and Content Actions section here:
HTTPS-Proxy: Domain Name Rules
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/https/https_domain_names_c.html
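
The matching behaviour discussed in this thread, as an added Python sketch (not code from the posters or from WatchGuard). It assumes a simplified first-match model keyed on destination address and port with an optional source-port filter; `Policy`, `route` and the address 203.0.113.10 are hypothetical names and constructed values.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Policy:
    name: str
    dst_ip: str
    dst_port: int                   # port the outside client connects to
    snat_ip: str                    # internal server
    snat_port: int                  # internal port after translation
    src_port: Optional[int] = None  # None means any source port

def route(policies, dst_ip, dst_port, src_port):
    """Return (policy name, internal ip, internal port) of the first match, or None."""
    for p in policies:
        if p.dst_ip != dst_ip or p.dst_port != dst_port:
            continue
        if p.src_port is not None and p.src_port != src_port:
            continue
        return (p.name, p.snat_ip, p.snat_port)
    return None  # no policy matched: the connection is not forwarded

PUBLIC = "203.0.113.10"  # constructed placeholder for the masked public address

# As posted in the question: both policies use destination port 443.
AS_POSTED = [
    Policy("srv1", PUBLIC, 443, "192.168.1.100", 443),
    Policy("srv2", PUBLIC, 443, "192.168.1.200", 443, src_port=8443),
]

# As suggested in the reply: srv2 is reached on 8443 and translated to 443.
AS_FIXED = [
    Policy("srv1", PUBLIC, 443, "192.168.1.100", 443),
    Policy("srv2", PUBLIC, 8443, "192.168.1.200", 443),
]

def demo():
    eph = 51514  # constructed ephemeral client source port
    return {
        "posted_443": route(AS_POSTED, PUBLIC, 443, eph),
        "posted_8443": route(AS_POSTED, PUBLIC, 8443, eph),
        "fixed_443": route(AS_FIXED, PUBLIC, 443, eph),
        "fixed_8443": route(AS_FIXED, PUBLIC, 8443, eph),
    }

if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

In this model the second server is unreachable with the posted policies because nothing on the public side distinguishes its traffic; only the 8443 listener gives the firewall a key to select 192.168.1.200.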