FortiGate is the default gateway of the servers.

Only load balancing traffic is

sent to the FortiADC.
l Clients send HTTP requests to the FortiADC virtual server IP address (ex.
10.10.10.10). FortiADC acts as a reverse
proxy: it NATs the source address, opens new HTTP connections, and load balances
the traffic between the Web
Servers.
l You can configure a FortiADC profile option to write the original source IP
address to the X-Forwarded-For header.
You can configure the real server logging to write the X-Forwarded-For field.

Benefits
l No network changes needed
l Easy to test and deploy
Cautions
l Lose client IP address visibility
l Requires source pool NAT on FortiADC

Basic configuration
config system global
set hostname FortiADC-VM
end
config system interface
edit "port1"
set vdom root
set ip 192.168.1.1/24
set allowaccess https ping ssh http
config ha-node-ip-list
end
next
end
config system dns
set primary 208.91.112.53
set secondary 208.91.112.52
end
config system admin
edit "admin"
set is-system-admin yes
set vdom root
set access-profile super_admin_prof
next
end
config load-balance ippool
edit "NAT"
set interface port1
set ip-min 192.168.1.3
set ip-max 192.168.1.3
config node-member
end
next
end
config load-balance pool
edit "Web_Group"
set health-check-ctrl enable
set health-check-list LB_HLTHCK_ICMP
config pool_member
edit 1
set ip 192.168.1.100
next
edit 2
set ip 192.168.1.101
next
edit 3

set ip 192.168.1.102
next
end
next
end
config load-balance virtual-server
edit "Web_VIP"
set packet-forwarding-method FullNAT
set interface port1 set ip 192.168.1.2
set load-balance-profile LB_PROF_TCP
set load-balance-method LB_METHOD_ROUND_ROBIN
set load-balance-pool Web_Group
set ippool NAT
set traffic-log enable
next
end