Load balancing inbound connections across multiple WANs with HA firewalls

IanW · ‎11-16-2017

Hi,

So the setup is two Fortigate Firewalls in HA and I have two Internet suppliers. I want to be able to load balance the two WAN connections from the HA appliance but equally I want to load balance inbound connections to a single server via both links. (it is my intention to use an F5 GTM to do global load balancing between the to links inbound).

So not quite sure if this can be done. Both WAN links will need to be active and each will have its own PA address space which will mean that the inbound server will need two NAT addresses and return packets will have to be forwarded via the link it came in.

My question is can it be done, has anyone done it before and are there any "gotchas" to be aware of and any issues with specific OS versions?

Thanks.

packetpusher · ‎11-17-2017

So you want the F5 to do a global load balancing at the edge and the fortigate HA to load balance with the directly connected web server. Do you have a topology diagram to share with us?

IanW · ‎11-24-2017

Admin_FTNT · ‎11-24-2017

Ian,

Please try to paste your image again.

Regards,

Admin

HA · ‎11-24-2017

Hi,

I have setup (around 15) with the same kind of requirements.

We have Peplink appliances of the Firewall. DNS is embeded so you can load balance traffic based on DNS.

It works like a charm.

For internal needs, if needed, you can use F5 LTM.

Regards,

HA

Load balancing inbound connections across multiple WANs with HA firewalls

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website