|
In the Azure load balancer, if the FortiGate-VM probe is enabled, the Azure load balancer sends out a probe to a TCP/UDP port to verify if the VM is up and running.
In the FortiGate, a specific probe config is activated on TCP/8008.
In order to probe detect in Azure load balancer, FortiGate needs to configure the below step via CLI:
config system probe-response
set port 8008
set http-probe-value "OK"
set mode http-probe
end
config system interface
edit "2"
set ip 10.10.10.10 255.255.255.0
set allowaccess probe-response <----- This will only allow probe-response. If other access is required, please include it in this command. Alternatively, use command < # append allowaccess probe-response > to append existing settings.
set device-identification enable
set role wan
set snmp-index 16
config firewall local-in-policy
edit 1
set uuid 80d9ad84-c99c-51ed-3072-b327f1deb659
set intf "port2"
set srcaddr "all"
set dstaddr "all"
set action accept
set service "TCP_8008
A sample config of Azure load balancer.
|
