Sebastian757
Newcomer

Let's Encrypt forward requests to the correct internal server (DNS-NAT)

Hello,

We have successfully been running Let's Encrypt certificate renewals.
There is a security rule for Let's Encrypt IPs on port 80 to our web server's external IP addresses and corresponding NAT rules for forwarding to the internal web servers. This works very well.

Now, however, several internal web servers are hiding behind one external IP, all of which want to renew a Let's Encrypt certificate with different domains.

How do I set up a Check Point Security Gateway so that the requested domain is read from Let's Encrypt accesses and then forwarded to the correct internal web server?
You can specify domains or FQDNs in the NAT rule, but then you also have to specify a domain name for the destination. However, the name is then resolved using either the external or internal IP address and therefore doesn't match the external or internal object entry.

So, how can I filter and forward requests based on the requested domain?

0 Kudos
1 Reply
PhoneBoy
Admin

NAT does nothing for the Layer 7 information inside of HTTP, only the IP headers.
In any case, this is more like Reverse Proxy functionality: https://support.checkpoint.com/results/sk/sk110348
Not sure it will work in this case; otherwise you're looking at an RFE.

0 Kudos
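To illustrate the point in the reply above, here is an added example (not code from the thread or from Check Point) of the routing decision a reverse proxy has to make in front of several internal web servers that share one external IP: it reads the HTTP Host header and the ACME challenge path, information that lives inside the HTTP payload and is invisible to NAT. The domain names and internal addresses are constructed placeholders.

```python
import re
from typing import Optional, Tuple, Dict

# Routing table: requested domain -> internal web server (constructed values).
BACKENDS: Dict[str, Tuple[str, int]] = {
    "www.example-a.test": ("10.0.1.10", 80),
    "www.example-b.test": ("10.0.1.11", 80),
}
ACME_PREFIX = "/.well-known/acme-challenge/"
# ACME HTTP-01 tokens are base64url; anything else (e.g. "../") is rejected.
TOKEN_RE = re.compile(r"^[A-Za-z0-9_-]+$")


def parse_request(raw: bytes) -> Optional[Tuple[str, str, Dict[str, str]]]:
    """Return (method, path, headers) from a raw HTTP/1.1 request head,
    or None if the request line is malformed. Header names are lower-cased."""
    head = raw.partition(b"\r\n\r\n")[0].decode("latin-1", "replace")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        return None
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return parts[0], parts[1], headers


def choose_backend(raw: bytes) -> Optional[Tuple[str, int]]:
    """Pick the internal server for an ACME HTTP-01 challenge request.

    The decision depends on the Host header and the request path, which exist
    only at Layer 7; a NAT rule sees just the IP/TCP headers. Returns None when
    the request should not be forwarded to any internal server.
    """
    parsed = parse_request(raw)
    if parsed is None:
        return None
    method, path, headers = parsed
    if method != "GET" or not path.startswith(ACME_PREFIX):
        return None  # only the challenge path is exposed through the proxy
    if not TOKEN_RE.match(path[len(ACME_PREFIX):]):
        return None  # token must be a single well-formed path segment
    host = headers.get("host", "").split(":")[0].lower()  # drop any ":port"
    return BACKENDS.get(host)  # unknown domain -> None (proxy answers 404)
```

In a real deployment the same lookup would sit in the proxy's request handler and the chosen address would receive the forwarded connection.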
