Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
cravikumar
Staff
Staff

Created on ‎01-08-2024 09:35 PM

Article Id 293178

Technical Tip: Unable to use http-redirect option under virtual server configuration when NGFW policy-mode enabled

Description

This article describes that while using the NGFW policy-based mode, the http-redirect option is not available:

 

config firewall vip

    edit "Test-443"
        set uuid 87223950-35d0-51ed-597d-500a2243444
        set type server-load-balance
        set extip 10.1.1.1
        set extintf "Internal"
        set server-type https
        set monitor "Test-HTTPS"
        set ldb-method round-robin
        set extport 443
            config realservers
                edit 1
                    set ip 10.2.2.2
                    set port 443
                next
                    edit 2
                        set ip 10.3.3.3
                        set port 443
                    next
                end
            next

 

Test-FW01 (vip) # edit "Test-443"

Test-FW01 (Test-443) # set http-redirect enable

command parse error before 'http-redirect'

Command fail. Return code -61

 
Scope FortiGate.
Solution

The 'http-redirect' is to redirect traffic to the proxy. No proxy feature is available in NGFW policy mode. All traffic is handled by the IPS engine in pure flow mode.
Labels:
218
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.