Launching Web Portal Applications; Url Re-Writing - Fortinet FORTIOS V3.0 MR7 User Manual

Launching web portal applications

Launching web portal applications
68
In the Tools area, you can connect to a web server or start a telnet session. You
can also check connectivity to a host or server on the network behind the
FortiGate unit. For more information, see
The FortiGate unit forwards client requests to servers on the Internet or internal
network. To use the web-portal applications, you add the URL, IP address, or
name of the server application to the My Bookmarks list (see
to the My Bookmarks list").
Note: If you want to access a web server or telnet server without first adding a bookmark to
the My Bookmarks list, type the URL or IP address of the server into the appropriate field
under Tools instead (see "Starting a session from the Tools
One or more of the following server applications may be available to you,
depending on whether they were installed by the server administrator:
• Web servers (HTTP/HTTPS) download HTML pages in response to web
browser requests.
• Telnet servers (TCP/IP Terminal Emulation Protocol) enable you to use your
computer as a virtual terminal to log in to a remote host.
• FTP (File Transfer Protocol) servers enable you to transfer files between your
computer and a remote host.
• SMB/CIFS servers implement the Server Message Block (SMB) protocol to
support file sharing between your computer and a remote server host.
• VNC (Virtual Network Computing) servers enable you to remotely control
another computer, for example, accessing work from your home computer.
• RDP (Remote Desktop Protocol) servers have a multi-channel protocol that
allows users to connect to computers running Microsoft Terminal Services.
• SSH (Secure Shell) servers enable you to exchange data between two
computers using a secure channel.
Note: Windows file sharing through SMB/CIFS is supported through shared directories.
When you access any of these server applications, the server may prompt you for
a user name and password. To log in, you must have a user account created by
the server administrator.

URL re-writing

When a FortiGate unit forwards client requests to servers on the Internet or
internal network, there may be a requirement to access a site with a name or
address that should not be exposed. For HTTP/HTTPS, the FortiGate unit
employs an obfuscation technique that encrypts the hostname with a random key
using AES-128, then the corresponding hex value plus 'Z' is added at the
beginning to form the encoded name.
For example, in the case of the URL http://test.org/index.html, the FortiGate unit
would translate to the following:
https://<sslvpn_host:port>/proxy/http/Z<encrypted hex value>/index.html
Working with the web portal
"Starting a session from the Tools
"Adding a bookmark
area").
FortiOS v3.0 MR7 SSL VPN User Guide
01-30007-0348-20080718
area".