Multiple reverse proxies

Hi,
I have a single external IP and 2 internal servers:
one.mydomain.com
two.mydomain.com

I'd like to restrict external access to each server:
Any-External > one.mydomain.com
Single IP > two.mydomain.com

I've looked at using a reverse proxy but I can't see a way to restirct the inbound traffic by domain and unless I'm mistaken I can't use 2 reverse proxies.

Is what I'm asking possible?

Thanks in advance for any help.

T40 v12.10.4

Comments

  • Use a standard HTTPS proxy with type = HTTPS-Server
    There you can add items for different domain names which are used to identify the internal destination web server(s) and/or IP/addr/port of an internal web server.

    See the "HTTPS server proxy action" section, here:

    HTTPS-Proxy: Content Inspection
    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/https/https_proxy_contentinspection_c.html

  • Thank you for your reply.
    I may have misunderstood.
    I think you're suggesting I use a single HTTPS proxy to restrict external access to each server. I'm not sure how this would work because the proxy's from field will need to be Any-External or the single IP (13.192.1.3).

    Any external traffic (inc. 13.192.1.3) will be allowed to one.mydomain.com.
    The only external traffic allowed to two.mydomain.com is from 13.192.1.3.

    Does this help?

  • The correct answer is to have 2 HTTPS policies:
    1) for the single IP addr - with a SNAT to 192.168.5.2
    2) for the general access - with a SNAT to 192.168.5.1

    Make sure that policy 1 ends up above policy 2

  • Thank you.

Sign In to comment.