Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
IanW
New Contributor

Load balancing inbound connections across multiple WANs with HA firewalls

Hi,

So the setup is two Fortigate Firewalls in HA and I have two Internet suppliers. I want to be able to load balance the two WAN connections from the HA appliance but equally I want to load balance inbound connections to a single server via both links. (it is my intention to use an F5 GTM to do global load balancing between the to links inbound).

 

So not quite sure if this can be done. Both WAN links will need to be active and each will have its own PA address space which will mean that the inbound server will need two NAT addresses and return packets will have to be forwarded via the link it came in.

 

My question is can it be done, has anyone done it before and are there any "gotchas" to be aware of and any issues with specific OS versions?

 

Thanks.

4 REPLIES 4
packetpusher
Contributor

So you want the F5 to do a global load balancing at the edge and the fortigate HA to load balance with the directly connected web server. Do you have a topology diagram to share with us?

IanW

Admin_FTNT

Ian,

Please try to paste your image again.

Regards,

Admin

 

HA

Hi,

 

I have setup (around 15) with the same kind of requirements.

We have Peplink appliances of the Firewall. DNS is embeded so you can load balance traffic based on DNS.

It works like a charm.

For internal needs, if needed, you can use F5 LTM.

 

Regards,

 

HA

Labels
Top Kudoed Authors