The configuration object framework supports the granularity of FortiADC application delivery control rules. You can configure specific options and rules for one particular type of traffic, and different options and rules for another type.
Server load balancing configuration steps shows the configuration objects used in the server load balancing configuration and the order in which you create them.
- Configure health check rules and real server SSL profiles.
- Configure server pools.
- Configure persistence rules, optional features and policies, profile components, and load balancing methods.
- Configure the virtual server.
This step is optional. In many cases, you can use predefined health check rules and predefined real server SSL profiles. If you want to use custom rules, configure them before you configure the pools of real servers.
This step is required. Server pools are the backend servers you want to load balance and specify the health checks used to determine server availability.
You can skip this step if you want to select from predefined persistence rules, profiles, and methods.
When you configure a virtual server, you select from predefined and custom configuration objects.
For a members-only HTTPS web server farm, you might have a workflow similar to the following:
- Configure security module firewall rules that allow only HTTPS traffic from untrusted subnets to the virtual server.
- Import server SSL certificates, configure a local certificate group, and a certificate verification policy.
- Configure HTTPS health checks to test the availability of the web servers.
- Configure the server pools, referencing the health check configuration object.
- Configure authentication:
- Create a RADIUS or LDAP server configuration.
- Create user groups.
- Create an authentication policy.
- Predefined: WAF policy, Persistence, Method
- User-defined: Authentication Policy, Profile