Server load balancing configuration overview
The configuration object framework supports the granularity of FortiADC application delivery control rules. You can configure specific options and rules for one particular type of traffic, and different options and rules for another type.
Figure 23 shows the configuration objects used in the server load balancing configuration and the order in which you create them.
Basic steps
1. Configure health check rules.
This step is optional. In many cases, you can use predefined health check rules. If you want to use custom rules, configure them before you configure the pools of real servers.
2. Configure server pools.
Server pools are the backend servers you want to load balance and specify the health checks used to determine server availability. This step is required.
3. Configure persistence rules, optional features and policies, profile components, and load balancing methods.
You can skip this step if you want to select from predefined persistence rules, profiles, and methods.
4. Configure the virtual server.
When you configure a virtual server, you select from predefined and custom configuration objects.
Example workflow
For a members-only HTTPS web server farm, you might have a workflow similar to the following:
1. Configure security module firewall rules that allow only HTTPS traffic from untrusted subnets to the virtual server.
2. Import server SSL certificates, configure a local certificate group, and a certificate verification policy.
3. Configure HTTPS health checks to test the availability of the web servers.
4. Configure the server pools, referencing the health check configuration object.
5. Configure authentication:
• Create a RADIUS or LDAP server configuration.
• Create user groups.
• Create an authentication policy.
6. Configure an HTTPS profile, referencing the certificate group and certificate verification policy and setting SSL version and cipher requirements.
7. Configure the virtual server, using a combination of predefined and user-defined configuration objects:
• Predefined: WAF policy, Persistence, Method
• User-defined: Authentication Policy, Profile
