config load-balance ippool
Use this command to configure a NAT IP address range pool to be used in a Layer 4 virtual server deployment
You can configure network address translation (NAT) in a Layer 4 virtual server configuration. You have the following options:
• Full NAT—Rewrites both the source and destination IP addresses. The NAT module translates the source IP address to the next available address in the source pool you configure with the config load-balance ippool command. The NAT module translates the destination address to the address of the real server selected by the load balancer.
• Destination NAT—Rewrites the destination IP address for packets before it forwards them. The NAT module translates this address to the address of the real server selected by the load balancer. The NAT module rewrites only the destination IP address. Therefore, if you configure destination NAT, you do not need to configure a source pool.
The system maintains the NAT table and performs the inverse translation when it receives the server-to-client traffic.
Before you begin:
• You must have a good understanding of NAT. You must know the address ranges your network has provisioned for NAT.
• Be sure to configure the backend servers to use the FortiADC address as the default gateway so that server responses are also rewritten by the NAT module.
• You must have read-write permission for load balancing settings.
After you have configured a source pool IP address range configuration object, you can specify it in the virtual server configuration.
Syntax
config load-balance ippool
edit <No.>
set interface <datasource>
set addr-type {ipv4|ipv6}
set ip-min <class_ip>
set ip-max <class_ip>
next
end
interface | Interface to receive responses from the backend server. The interface used for the initial client traffic is determined by the virtual server configuration. |
addr-type | • IPv4 • IPv6 |
ip-min | The first address in the address pool. |
ip-max | The last address in the address pool. |