Solved

Load Balancing using Fortigate device

Posted on 2008-06-13
2
9,372 Views
Last Modified: 2013-11-16
I've installed a Fortigate 300A firewall device. Is it possible to use this device as a load balancer for my 2 internet lines ? something like what GLBP does.

Thanks
0
Comment
Question by:Farrahi
2 Comments
 
LVL 15

Accepted Solution

by:
JimboEfx earned 500 total points
ID: 21966996
It is indeed possible to use the Fortigate for WAN failover/load balancing. The fortigate can either use the links in active/passive fashion outbound, but active/active inbound or (to a degree active/actvie outbound and inbound. This assumes the fortigate is the outgoing router to the internet and that the WAN connections are connected to seperate interfaces (e.g. WAN1 and WAN2).

There are a number of articles on the subject, but i will list just these two:

http://kc.forticare.com/default.asp?id=376&Lang=1&SID=
http://kc.forticare.com/default.asp?id=1583&SID=&Lang=1

There are also some documentation on the unit:

http://docs.forticare.com/fgt/techdocs/FortiGate_Administration_Guide_01-30006-0203-20080313.pdf

I have no personal experience of GLBP to give you a direct comparison.

You should note that the mechanism used in a single unit for WAN failer is based purely on the ability to ping a target (or multiple targets). When the target (or targets) are unavailable for a defined period of time the interface is marked as down and the routing table adjusted (until it gets replies again).

Having more than one unit in a cluster gives you some more options to survive a unit failure, or even for example someone unplugging WAN1 on one unit - as the unit would fail over to another node which said its WAN1 was OK.

So the simple answer is yes, the longer answer is it depends on what your expectations are.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

To setup a SonicWALL for policy based routing to be used with the Websense Content Gateway there are several steps that need to be completed. Below is a rough guide for accomplishing this. One thing of note is this guide is intended to assist in the…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Learn how to create flexible layouts using relative units in CSS.  New relative units added in CSS3 include vw(viewports width), vh(viewports height), vmin(minimum of viewports height and width), and vmax (maximum of viewports height and width).

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now