Name | Enter the name for the virtual server. |
Color | Select Change beside the icon to change the color of the icon. When you select Change, a color palette window appears; select a color from the palette window. |
Type | Select the protocol to be load balanced by the virtual server. If you select a general protocol such as IP, TCP, or UDP the virtual server load balances all IP, TCP, or UDP sessions. If you select specific protocols such as HTTP, HTTPS, or SSL you can apply additional server load balancing features such as Persistence and HTTP Multiplexing. • Select HTTP to load balance only HTTP sessions with destination port number that matches the Virtual Server Port setting. Change Virtual Server Port to match the destination port of the sessions to be load balanced (usually port 80 for HTTP sessions). You can also select HTTP Multiplex. You can also set Persistence to HTTP Cookie to select cookie-based persistence. • Select HTTPS to load balance only HTTPS sessions with destination port number that matches the Virtual Server Port setting. Change Virtual Server Port to match the destination port of the sessions to be load balanced (usually port 443 for HTTPS sessions). You can also select Multiplex HTTP requests/responses. You can also set Persistence to HTTP Cookie to select cookie-based persistence. You can also set Persistence to SSL Session ID. • Select IMAPS to load balance only IMAPS sessions with destination port number that matches the Virtual Server Port setting. Change Virtual Server Port to match the destination port of the sessions to be load balanced (usually port 993 for IMAPS sessions). You can also set Persistence to SSL Session ID. • Select POP3S to load balance only POP3S sessions with destination port number that matches the Virtual Server Port setting. Change Virtual Server Port to match the destination port of the sessions to be load balanced (usually port 995 for POP3S sessions). You can also set Persistence to SSL Session ID. • Select SMTPS to load balance only SMTPS sessions with destination port number that matches the Virtual Server Port setting. Change Virtual Server Port to match the destination port of the sessions to be load balanced (usually port 465 for SMTPS sessions). You can also set Persistence to SSL Session ID. • Select SSL to load balance only SSL sessions with destination port number that matches the Virtual Server Port setting. Change Virtual Server Port to match the destination port of the sessions to be load balanced. • Select TCP to load balance only TCP sessions with destination port number that matches the Virtual Server Port setting. Change Virtual Server Port to match the destination port of the sessions to be load balanced. • Select UDP to load balance only UDP sessions with destination port number that matches the Virtual Server Port setting. Change Virtual Server Port to match the destination port of the sessions to be load balanced. • Select IP to load balance all sessions accepted by the security policy that contains this virtual server. |
Interface | Select the virtual server external interface from the list. The external interface is connected to the source network and receives the packets to be forwarded to the destination network. |
Virtual Server IP | The IP address of the virtual server. This is an IP address on the external interface that you want to map to an address on the destination network. |
Virtual Server Port | Enter the external port number that you want to map to a port number on the destination network. Sessions with this destination port are load balanced by this virtual server. |
Load Balance Method | Select the load balancing method used by the virtual server. See “Load balancing methods”. |
Persistence | Configure persistence to make sure that a user is connected to the same server every time they make a request that is part of the same session. Session persistence is supported for HTTP and SSL sessions. See “Session persistence”. For HTTP and HTTPS sessions, see “HTTP and HTTPS persistence”. |
HTTP Multiplexing | Select to use the FortiGate unit to multiplex multiple client connections into a few connections between the FortiGate unit and the real server. See “HTTP and HTTPS multiplexing”. |
Preserve Client IP | Select to preserve the IP address of the client in the X-Forwarded-For HTTP header. This can be useful if you want log messages on the real servers to the client’s original IP address. If this option is not selected, the header will contain the IP address of the FortiGate unit. This option appears only if HTTP or HTTS are selected for Type, and is available only if HTTP Multiplexing is selected. |
SSL Offloading | Select to accelerate clients’ SSL connections to the server by using the Fortinet FortiGate unit to perform SSL operations, then select which segments of the connection will receive SSL offloading. See “SSL offloading” |
Certificate | Select the certificate to use with SSL Offloading. The certificate key size must be 1024 or 2048 bits. 4096-bit keys are not supported. This option appears only if HTTPS or SSL are selected for Type, and is available only if SSL Offloading is selected. |
Health Check | Select which health check monitor configuration will be used to determine a server’s connectivity status. See “Health check monitoring”. |