Incoming connection to FQDN - How To?

Alessandro · October 21

Hello everyone, I would like to create an incoming HTTPS policy that redirects all traffic to my.domain.com (FQDN, not IP) to an internal host.
What I have in mind is a SNAT where the FQDN is the source, not the destination
Is there any way to do this?
Any suggestion will be greatly appreciated.

Kind regards,
AB

Bruce_Briggs · October 21

If this is via HTTP, then you need to look at the URL to see the destination entered.
If this is via HTTPS, then you need to Inspect the incoming packet to see the URL.
If this is via some other protocol, then I am not aware of a way for you to see if the access was attempted via a domain name or via an IP addr.

You could use a HTTPS server proxy action with an HTTP Content Action to identify access attempt using a domain name.

HTTPS-Proxy: Content Inspection
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/https/https_proxy_contentinspection_c.html

Example: HTTPS Proxy Action with an HTTP Content Action
https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/proxies/examples/content_action_https.html

Incoming connection to FQDN - How To?

Comments