Troubleshooting Tip: How to resolve the L4 load balance no connectivity issue on FortiADC

Description

This article describes how to resolve the L4 load balance no connectivity issue on FortiADC.

Scope

FortiADC.

Solution

The 'DNAT packet forwarding method' only considers destination IP address translation, keeping the source IP address in the packet.
Real servers do not reach unknown networks nor have access to list control.

The procedure consists of changing the 'packet forwarding method' from 'DNAT' to 'full NAT' by applying the following changes on the device GUI:

1. To configure an IP address with the same network segment of the real server as the 'source pool'.
   Go to Load Balance -> Virtual Server -> NAT Source Pool and configure the same address as 'from' and 'to' in the range then save changes.
   
   
2. Go to Virtual Server, select 'VS-Name', select 'packet forwarding method' as 'full NAT' and select configured 'NAT Source Pool' from the NAT Source Pool list then save changes.

'Full NAT' allows DNAT plus SNAT translation.

For more information, it is possible to check this document: Using source pools.