Issue from loadbalancing server and source address

Forum|Forum|7 years ago
May 30, 2018
2 replies
9661 views

Hi Everyone,

Indeed, I try to set up load balancing for syslog servers.

The load balancing itself works well but the syslog server does not receive the addresses of the remote equipments, there is a NAT realized by the forti, so we do not know what equipment comes from the logs ( i see fort address).

I thought of port forwarding to keep the source address but I will not be able to forward the logs to my server pool but to a single server.

Do you know if there is possibility to realize this load sharing by keeping the source addresses of the customers?

ericli_FTNT

Staff

karnack wrote:
Hi Everyone,

Indeed, I try to set up load balancing for syslog servers.
The load balancing itself works well but the syslog server does not receive the addresses of the remote equipments, there is a NAT realized by the forti, so we do not know what equipment comes from the logs ( i see fort address).
I thought of port forwarding to keep the source address but I will not be able to forward the logs to my server pool but to a single server.
Do you know if there is possibility to realize this load sharing by keeping the source addresses of the customers?

Hi, can you provide an example of your issue?

emnoc

New Member

What device is doing the SNAT ? Can you eliminate the SNAT so the original SRC is presented in the syslog files?

karnackAuthor

New Member

The snat is realized by the forti whereas I have no rule of implementation for the network equipments. Forti presents the address of the interface of the incoming flow to my servers syslog that is why all my syslog servers only see the address of the forti.

karnackAuthor

New Member

up because no answer

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded