Fortinet black logo

Administration Guide

Enabling or disabling traffic forwarding to your servers

Enabling or disabling traffic forwarding to your servers

The server pool configuration allows you to individually enable and disable FortiWeb’s forwarding of HTTP/HTTPS traffic to your web servers, or place them in maintenance mode.

Disabling servers only affects HTTP/HTTPS traffic. To enable or disable forwarding of FTP, SSH, or other traffic, use the CLI command config router setting. For details, see the FortiWeb CLI Reference:

HTTPs://docs.fortinet.com/product/fortiweb/

You can select server pools with disabled virtual servers in a server policy even though the policy cannot forward traffic to the disabled servers.

Disabled physical and domain servers can belong to a server pool, but FortiWeb does not forward traffic to them. If a server in a pool is disabled, FortiWeb will transfer any remaining HTTP transactions in the TCP stream to an active physical server in the server pool according to the pool's load balancing algorithm. For details, see Load Balancing Algorithm.

By default, physical and domain servers that belong to a pool are enabled and the FortiWeb appliance can forward traffic to them. To prevent traffic from being forwarded to a physical server, such as when the server is unavailable for a long time due to repairs, you can disable it. If the disabled physical server is a member of a Server Balance server pool, the FortiWeb appliance automatically forwards connections to other enabled pool members.

Alternatively, if the physical or domain server is a member of a Server Balance server pool and will be unavailable only temporarily, you can configure a server health check to automatically prevent the FortiWeb appliance from forwarding traffic to that physical server when it is unresponsive. For details, see Configuring server up/down checks.

Disabling a physical or domain server could block traffic matching policies in which you have selected the server pool of which the physical server is a member.
See also

Enabling or disabling traffic forwarding to your servers

The server pool configuration allows you to individually enable and disable FortiWeb’s forwarding of HTTP/HTTPS traffic to your web servers, or place them in maintenance mode.

Disabling servers only affects HTTP/HTTPS traffic. To enable or disable forwarding of FTP, SSH, or other traffic, use the CLI command config router setting. For details, see the FortiWeb CLI Reference:

HTTPs://docs.fortinet.com/product/fortiweb/

You can select server pools with disabled virtual servers in a server policy even though the policy cannot forward traffic to the disabled servers.

Disabled physical and domain servers can belong to a server pool, but FortiWeb does not forward traffic to them. If a server in a pool is disabled, FortiWeb will transfer any remaining HTTP transactions in the TCP stream to an active physical server in the server pool according to the pool's load balancing algorithm. For details, see Load Balancing Algorithm.

By default, physical and domain servers that belong to a pool are enabled and the FortiWeb appliance can forward traffic to them. To prevent traffic from being forwarded to a physical server, such as when the server is unavailable for a long time due to repairs, you can disable it. If the disabled physical server is a member of a Server Balance server pool, the FortiWeb appliance automatically forwards connections to other enabled pool members.

Alternatively, if the physical or domain server is a member of a Server Balance server pool and will be unavailable only temporarily, you can configure a server health check to automatically prevent the FortiWeb appliance from forwarding traffic to that physical server when it is unresponsive. For details, see Configuring server up/down checks.

Disabling a physical or domain server could block traffic matching policies in which you have selected the server pool of which the physical server is a member.
See also