Fortinet black logo

Important notes

Copy Link
Copy Doc ID 8ca032b5-0e33-11ed-bb32-fa163e15d75b:484684
Download PDF

Important notes

  1. In L4_VS DNAT mode or L7_VS mode enabled "client-address", make sure FortiADC is the gateway for RS.
  2. If you want to use L4_VS DNAT, you have to go to the outgoing port in Azure and enable IP forwarding, because the RS source IP is not the same as the FortiADC outgoing port IP.
  3. Does not support HA-AP and HA-AA mode.
  4. Only supports HA-VRRP group with two FortiADC's currently.
  5. If you configure L4VS “NAT Source Pool” or SNAT “Translation to IP Address”, Floating IP etc, you must add these IP's to the instance interface via secondary IP on Azure.
  6. If you manually change the FortiADC’s configuration, for example by changing VS IP, second IP, floating IP, NAT Source Pool, or changing the VS traffic group, you must make the corresponding changes on Azure.
  7. It is suggested that you use a static IP on Azure, because in the case of an FortiADC HA failover the dynamic IP may change, so the Azure IP and the FortiADC IP will not be the same.
  8. VS IP, Floating IP, NAT Source Pool cannot be the same as the interface primary IP, because in the case of an FortiADC HA failover there may be issues.
  9. You have to use log disk, otherwise some functions cannot be used correctly, like VRRP.
  10. FortiADC's HSM client, Luna HSM version 7.2 or higher, is compatible with Azure HSM.

Important notes

  1. In L4_VS DNAT mode or L7_VS mode enabled "client-address", make sure FortiADC is the gateway for RS.
  2. If you want to use L4_VS DNAT, you have to go to the outgoing port in Azure and enable IP forwarding, because the RS source IP is not the same as the FortiADC outgoing port IP.
  3. Does not support HA-AP and HA-AA mode.
  4. Only supports HA-VRRP group with two FortiADC's currently.
  5. If you configure L4VS “NAT Source Pool” or SNAT “Translation to IP Address”, Floating IP etc, you must add these IP's to the instance interface via secondary IP on Azure.
  6. If you manually change the FortiADC’s configuration, for example by changing VS IP, second IP, floating IP, NAT Source Pool, or changing the VS traffic group, you must make the corresponding changes on Azure.
  7. It is suggested that you use a static IP on Azure, because in the case of an FortiADC HA failover the dynamic IP may change, so the Azure IP and the FortiADC IP will not be the same.
  8. VS IP, Floating IP, NAT Source Pool cannot be the same as the interface primary IP, because in the case of an FortiADC HA failover there may be issues.
  9. You have to use log disk, otherwise some functions cannot be used correctly, like VRRP.
  10. FortiADC's HSM client, Luna HSM version 7.2 or higher, is compatible with Azure HSM.