Multiple reverse proxies
Hi,
I have a single external IP and 2 internal servers:
one.mydomain.com
two.mydomain.com
I'd like to restrict external access to each server:
Any-External > one.mydomain.com
Single IP > two.mydomain.com
I've looked at using a reverse proxy but I can't see a way to restirct the inbound traffic by domain and unless I'm mistaken I can't use 2 reverse proxies.
Is what I'm asking possible?
Thanks in advance for any help.
T40 v12.10.4
0
Sign In to comment.
Comments
Use a standard HTTPS proxy with type = HTTPS-Server
There you can add items for different domain names which are used to identify the internal destination web server(s) and/or IP/addr/port of an internal web server.
See the "HTTPS server proxy action" section, here:
HTTPS-Proxy: Content Inspection
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/https/https_proxy_contentinspection_c.html
Thank you for your reply.
I may have misunderstood.
I think you're suggesting I use a single HTTPS proxy to restrict external access to each server. I'm not sure how this would work because the proxy's from field will need to be Any-External or the single IP (13.192.1.3).
Any external traffic (inc. 13.192.1.3) will be allowed to one.mydomain.com.
The only external traffic allowed to two.mydomain.com is from 13.192.1.3.
Does this help?
The correct answer is to have 2 HTTPS policies:
1) for the single IP addr - with a SNAT to 192.168.5.2
2) for the general access - with a SNAT to 192.168.5.1
Make sure that policy 1 ends up above policy 2
Thank you.