FortiOS 5.6 Online Help Link FortiOS 5.4 Online Help Link FortiOS 5.2 Online Help Link FortiOS 5.0 Online Help Link

Home > Online Help

> Chapter 26 - Server Load Balancing > Example Adding a server load balance port forwarding virtual IP

Example Adding a server load balance port forwarding virtual IP

In this example, a virtual web server with IP address 192.168.37.4 on the Internet, is mapped to three real web servers connected to the FortiGate unit dmz1 interface. The real servers have IP addresses 10.10.123.42, 10.10.123.43, and 10.10.123.44. The virtual server uses the First Alive load balancing method.

Each real server accepts HTTP connections on a different port number. The first real server accepts connections on port 8080, the second on port 8081, and the third on 8082. The configuration also includes an HTTP health check monitor that includes a URL used by the FortiGate unit for get requests to monitor the health of the real servers.

Connections to the virtual web server at IP address 192.168.37.4 from the Internet are translated and load balanced to the real servers by the FortiGate unit. First alive load balancing directs all sessions to the first real server. The computers on the Internet are unaware of this translation and load balancing and see a single virtual server at IP address 192.168.37.4 rather than the three real servers behind the FortiGate unit.

Server load balance virtual IP port forwarding

To complete this configuration, all of the steps would be the same as in Example Adding a server load balance port forwarding virtual IP except for configuring the real servers.

To add the real servers and associate them with the virtual server

Use the following steps to configure the FortiGate unit to port forward HTTP packets to the three real servers on ports 8080, 8081, and 8082.

  1. Go to Policy & Objects > Real Servers.
  2. Select Create New.
  3. Configure three real servers that include the virtual server Load_Bal_VS1. Each real server must include the IP address of a real server on the internal network and have a different port number.

    Configuration for the first real server.
Virtual Server Load_Bal_VS1
IP 10.10.10.42
Port 8080
Weight Cannot be configured because the virtual server does not include weighted load balancing.
Maximum Connections 0

Configuration for the second real server.

Virtual Server Load_Bal_VS1
IP 10.10.10.43
Port 8081
Weight Cannot be configured because the virtual server does not include weighted load balancing.
Maximum Connections 0

Configuration for the third real server.

Virtual Server Load_Bal_VS1
IP 10.10.10.44
Port 8082
Weight Cannot be configured because the virtual server does not include weighted load balancing.
Maximum Connections 0