FortiADC™ Deployment Guide

Load Balancing Oracle E-Business Suite

Introduction

Fortinet Application Delivery Controller (FortiADC) appliances are high-performance server load balancing
and application delivery, which optimize the availability, user experience, and scalability of enterprise
application delivery.

Oracle E-Business Suite is the most comprehensive suite of integrated business applications. The
FortiADC fully supports Oracle E-Business Suite.

In this deployment guide, we are using SSL acceleration topology. With the SSL acceleration topology,
FortiADC accepts connections from the clients encrypted over TCPS and then send the traffic to the
Oracle E-Business application encrypted over TCPS too, which provides the more secure service for most
requirements.

FortiADC also support SSL offloading topology, which is not included in this deployment.

Solution benefits
• Delivers 99.999% application uptime with intelligent server load balancing
• Optimize the SSL workload of Oracle E-Business servers with SSL acceleration
• Secures Oracle E-Business applications

Prerequisites
The Oracle E-Business environment must be set up and FortiADC’s basic networking configuration is
ready.

The minimum system requirements are:

• FortiADC with firmware version 4.8 or later

• Oracle E-Business Suite 12 or later
• Established the access to the FortiADC Web User Interface (WebUI)

FortiADC Configuration

This section provides configuration guidelines for load balancing Oracle E-Business applications.
Figure 1: Load balancing Oracle E-Business topology

Client1 Client2

InterNet

FortiADC

IntraNet

E-Business Suite 12 E-Business Suite 12

Basic Configuration

This section provides the basic procedures for getting started with layer 4 and Layer 7 load balancing. It
includes the following steps:

Step 1: Configure network interfaces and a static route

Step 2: Configure the load balancing Real Server Pool and Real Servers

Step 3: Configure the load balancing Virtual Server

Step 1: Configure network interfaces and a static route

You configure two network interfaces and a static route for deployment:

• port1 – External network (WAN)

• port2 -- Internal network (LAN)
• A static route.

To configure network interfaces, go to Networking > Interface. Table 1 shows the configuration
summary. Figure 2 shows the configuration page for port1.

Table 1: Interface configuration summary

Settings Values Notes

Name Port1
Allow Access HTTPS, HTTP Enable the protocols based on your
configuration.
IPv4/Netmask 10.106.168.4/23
Figure 2: Network interface configuration page
 To configure a static route, go to Networking > Routing. Table 2 shows the configuration summary.
Figure 3 shows the configuration for a static route.

Table 2: Route configuration summary

Settings Values Notes

Destination 0.0.0.0/0
Gateway 10.106.169.254

Figure 3: Static route configuration page

Step 2: Configure the Server Pool and Real Servers

The FortiADC server load balancing (SLB) feature is to load balancing the traffic on the port 443 to a
pool of Oracle E-Business applications.

Server pools are groups of servers that can be assigned as a unit to a FortiADC Virtual Server. A
server pool consists of member servers.
 You configure a server pool and two real servers for deployment:

• Create a TCP server pool object.

• Add members.

To configure a real server pool, go to Server Load Balance > Real Server Pool. Table 3 through
Table 5 show the configuration summary. Figure 4 through Figure 6 show the configuration pages.

Table 3: Real Server Pool configuration summary

Settings Values Notes

Name ebs
Real Server SSL Profile LB_RS_SSL_PROF_DEFAULT When the SSL is enabled on Oracle
EBS application, please add the real
sever SSL profile in the real server
pool configuration.
Notes:
To encrypt traffic between the server
and FortiADC, the necessary
certificates must be installed before
configurations. In this deployment,
we are using the default certificates
provided by FortiADC.
Management certificate, please go to
System > Certificate > Manage
Certificates.
Member 1. 20.1.2.41 Two real servers that are running
2. 20.1.2.42 Oracle EBS applications.
Figure 4: Real server pool configuration page
Table 4: Real Server member configuration summary

Settings Values Notes

Real Server 20.1.2.42 The name of real server
Port 443 Use the port that is using by Oracle E-
Business

Figure 5: Real Server member configuration page

Table 5: Real Server configuration summary

Settings Values Notes

Name 20.1.2.41 The name of real server
Address 20.1.2.41
Figure 6: Real Server configuration page

To configure the health check for the real server pool, go to Server Load Balance > Real Server
Pool. Table 3 through Table 6 show the configuration summary. Figure 7 shows the configuration
pages.

Table 6: Real server configuration summary

Settings Values Notes

Name ebs
Type IPv4 Using Layer 7 HTTP Virtual Server for this
deployment.
Health Check Enable
Health Check AND Please choose ‘AND’ or ‘OR’ based on your
Relationship configurations.
Health Check LB_HLTHCK_HTTPS We use LB_HLTHCK_HTTPS in this deployment
List
 Figure 7: SLB real server configuration page

Step 3: Configure the Virtual Servers

In this deployment, the FortiADC virtual servers are Layer 7 virtual servers with SSL optimization.

You configure a virtual server for deployment:

• Create a TCPs virtual server object.

• Add real server pool.

To configure virtual servers, go to Server Load Balance > Virtual Server. Table 76 and Table 87
show the configuration summary. Figure 87 and Figure 98 show the configuration summary page.
Table 76: Virtual server configuration summary

Settings Values Notes

Name ebs_vs
Type Layer 7 Using Layer 7 HTTP Virtual Server for this
deployment.
Status Enable

Figure 87: SLB virtual server configuration page

Table 86: Virtual Server General configuration summary

Settings Values Notes

Address 10.106.168.73
Port 443
Profile LB_PROF_TCPS Using TCPS profile for the deployment.
Notes: Formatted: Font: Bold
FortiADC supports HTTP/S virtual service
for SSL inspection too. In case of enabling
WAF, AV or other Layer 7 load balancing
decision features, please use HTTP/S
virtual service.
Client SSL Profile LB_CLIENT_SSL_PROF_DEFAU Add SSL profile if the SSL overload is
LT enabled on Oracle E-Business
environment.
Notes:
To encrypt traffic between the client and
FortiADC, the necessary certificates must
be installed before configurations. In this
deployment, we are using the default
certificates provided by FortiADC.
Management certificate, please go to
System > Certificate > Manage
Certificates.
Persistence LB_PERSIS_HASH_SRC_ADDR No persistence is configured in this
None deployment. We provide many
persistence methods. For example,
Source IP address persistence that will
provide client connections to the same
server node. You can use any one based
on your requirement.We recommend
configuring LB_PERSIS_HASH_SRC_ADDR
for the persistence method for Oracle E-
business deployment.
Method LB_METHOD_ROUND_ROBIN Using the default one for the
deployment.
Real Server Pool ebs Add the server pool we created in step 2
before.
Figure 97: Virtual Server General configuration page
Verification

You can use the FortiADC logs to verify that packet flow is working as expected.

Before reviewing the traffic logs, please enable the traffic log under Server Load Balance > Virtual
Server > ebs_vs (The name of virtual server that is created in step3) > Traffic Log. Figure 8 shows
the configuration page for traffic log under virtual server.

Figure 108: Traffic log configuration page

To check the logs for Layer 7 TCPS virtual servers, go to Log & Report > Log Browsing > Traffic Log >
SLB TCPS. Figure 9 shows the traffic log for SLB TCPS service.

Figure 119: Traffic log page

Additional Features
FortiADC provides many security and optimization features. This deployment guide only configures the
minimum features. You may continue enabling the following features for your deployment:

• High-Availability (HA)
• Web Application Firewall (WAF)
• AntiVirus (AV)
• Content Caching
Formatted: Font: (Default) Arial, 9.5 pt

• Formatted: List Paragraph, Bulleted + Level: 1 +

Aligned at: 0.54" + Indent at: 0.79"
Formatted: Normal, Indent: Left: 0.29", No bullets or
numbering
Formatted: Normal
Summary
FortiADC provides the load balancing, application acceleration, and high availability features demanded by
medium to large Oracle E-Business applications. This document has presented a step-by-step guide to
configure the minimum FortiADC’s features for an Oracle E-Business environment.