Load Balancing for LAN

Mby · ‎12-19-2022

Hi All,

Load Balancing is defined for external network, but would like define for LAN.

I set :

Policy Route:

Incoming interface: internal

Source: IP TEST

Destination: IIS SERVER IP

Outgoing interface: internal

Gateway: IP FortiGate

Firewall Policy:

Incoming interface: LAN

Outcoming interface: LAN

Source: IP TEST

Destination: Load Bal

Why I have to set instead of Use Outgoing Interface Address

Thanks

gfleming · ‎12-29-2022

I just tested this with a Virtual Server Load Balance object in a policy that has same source and destination interfaces. It works. So you do not have to move your servers to a different subnet.

Cheers,
Graham

View solution in original post

Stephen_G · ‎12-22-2022

Hello Mby,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Stephen - Fortinet Community Team

knaveenkumar · ‎12-27-2022

Hi,

1. if you want to load balance, you have to use static routes.
2. routes with equal priority and distance will result in load balance.

please refer to the below link:
=============================
http://docs.fortinet.com/document/fortigate/7.2.3/administration-guide/360563/dual-internet-connecti...

Load balance requires atleast two outgoing interfaces. In your case, I can see that there is only 1 interface defined
Also, the incoming and outgoing are the same interface, hence I do need more info on your requirements as to what type of traffic is loadbalanced

gfleming · ‎12-27-2022

Hi can you please shed some more light on exactly what you are trying to accomplish? Can you post more details about your traffic flow and topology.

To load balance internal traffic most likely you will be using Server Load Balancer on the FortiGate. Please review here: https://docs.fortinet.com/document/fortigate/7.2.3/administration-guide/713497/virtual-server-load-b...

Cheers,
Graham

seshuganesh · ‎12-27-2022

Hi Team,

Can you please explain the issue in detail so that we can understand the requirement.

Accordingly we will suggest

Mby · ‎12-28-2022

Hi,

I have Load Balancing on Forti but it's work only for external Users.

I want define for internal users.

If needed, I have 2 ISP.

gfleming · ‎12-28-2022

Are the users and the servers in the same subnet? It seems like it given the policy you have created. This will make things more complicated as you'll have to try and do this using NAT trickery which I'm not 100% would work. The best solution would be to have your servers in a different subnet so you can do the load balancing the same way as you do it for external users (from one interface to another).

Cheers,
Graham

Mby · ‎12-29-2022

Hi,

Yes, the users and the servers is in the same subnet.

Ok, I test that.

Thank you

I am pleasantly surprised.
This forum is very serious and consistent.
Thank to all

gfleming · ‎12-29-2022

I just tested this with a Virtual Server Load Balance object in a policy that has same source and destination interfaces. It works. So you do not have to move your servers to a different subnet.

Cheers,
Graham

Mby · ‎12-31-2022

Thanks