USG210 route a HTTP request to a particular server

PeterHer
PeterHer Posts: 17  Freshman Member
Hi All,

Does anyone know if it is possible to route a HTTP request to a particular server?

This is the situation:
I have one static IP address from my provider. This IP address will be used for two or more websites. If someone goes to www.xxxxx.com if needs to be redirected from my public IP address to internal IP address 192.168.0.2. So far no problem, but when someone goes to  www.yyyyy.com it needs to be redirected to 192.168.0.3 and www.zzzzz.com to 192.168.0.4. Is this possible using an USG210? I believe this topic was discussed earlier in https://community.zyxel.com/en/discussion/2586/virtual-server-fqdn-based but I didn't quite understand the solution. 
I hope someone can help me.

All Replies

  • mMontana
    mMontana Posts: 753  Guru Member
    AFAIK....
    IMVHO You should need a VirtualHost or a Reverse proxy, but I don't know if USGs devices can achieve that.

  • WJS
    WJS Posts: 44  Freshman Member
    It looks just "IDEA"..
    In general,The requirement usually realized on device that have GSLB(Global Server Load balance) feature.
    DNS service need to manager by yourself first.


  • warwickt
    warwickt Posts: 111  Ally Member
    Hello PeterHer as mentioned by mMontana above as a good suggestion , just use a reverse-proxy on your host that handles the WAN(s) and their interfaces for HTTPS/HTTP requests to a mythical 'server02"

    FWIW we use NGINX .. there is an abundance {plenty (tonnes!)} of wonderful documentation, and beginner step-by-step guides, odysee video etc  there on those interwebs. =)

    The Simple Way  B)

    1.  on the USG appliance, set up the usual Security Policies  and NAT fwds for requests on 80 | 443 to a set server on your setup (server01).
    2. then with NGINX ( similar) on server01, (with certs etc etc) , configure the reverse roxy for the https request to be redirected to the preferred 'server02" (physical or VM etc) - again refer to the  doc.

    This way you can simply have one https/http  server that handles for everything ... it can be made very exostic as well .. I'm confident many,many forum members will use this method.

    The (bloody) Hard Way  :s

    Instead ... another way (the awkward hard way) is to do it all in the USG appliance for settmg host/domain names and requesting non HTTP (80)/ HTTPS (443) to be made on another port then using USG NAT virt and (Sec Pol etc) to route them to a particular server(s) on your LANS s...  ( :-1 hard work basically and not esay to use externally)...
     
    Apache, NGINX and their ilk is the way to go....  :)

    HTH
    Warwick
    Hong Kong

Security Highlight