FortiADC Handbook Configuring Health Checks PDF

Chapter 10: Shared Resources Configuring health checks
Chapter 10: Shared Resources
This chapter includes the following topics:
l "Configuring health checks" on page 340.

l "Monitoring health check status" on page 350.
l "Creating schedule groups" on page 350.
l "Creating IPv4 address objects" on page 351.
l "Configuring IPv4 address groups" on page 352.
l "Creating IPv6 address objects" on page 353.
l "Configuring IPv6 address groups" on page 354.
l "Managing ISP address books" on page 355.
l "Creating service objects" on page 358.
l "Creating service groups" on page 359.
Configuring health checks
In server load balancing deployments, the system uses health checks to poll the members of the real server pool
to test whether an application is available. You can also configure additional health checks to poll related servers,
and you can include results for both in the health check rule. For example, you can configure an HTTP health
check test and a RADIUS health check test. In a web application that requires user authentication, the web server
is deemed available only if the web server and the related RADIUS server pass the health check.
In link load balancing deployments, the health check can poll either the ISP link group member itself or a “beacon”
server that is deployed on the other side of the ISP link. A beacon is an IP address that must be reachable in order
for the link to be deemed available. A beacon can be any IP address, such as a main office, core router, or virtual
server at another data center.
If you expect a backend server is going to be unavailable for a long period, such as
when it is undergoing hardware repair, it is experiencing extended down time, or when
you have removed it from the server farm, you can improve the performance of the
FortiADC system by setting the status of the pool member to Disabled, rather than
allowing the system to continue to attempt health checks.
Table 108 describes the predefined health checks. You can get started with these or create custom objects.
Table 108: Predefined health check configuration objects
Predefined Description
LB_HLTHCK_HTTP Sends a HEAD request to the server port 80. Expects the server to
return an HTTP 200.
LB_HLTHCK_HTTPS Sends a HEAD request to the server port 443. Expects the server to
return an HTTP 200.
340 FortiADC Handbook

Fortinet Technologies, Inc.
Configuring health checks Chapter 10: Shared Resources
Predefined Description
LB_HLTHCK_ICMP Pings the server.
LB_HLTHCK_TCP_ Sends a TCP echo to server port 7. Expects the server to respond with
ECHO the corresponding TCP echo.
Before you begin:
l You must have a good understanding of TCP/IP and knowledge of the services running on your backend servers.
l You must know the IP address, port, and configuration details for the applications running on backend servers. For
some application protocol checks, you must specify user credentials.
l You must have Read-Write permission for Load Balance settings.
After you have configured a health check, you can select it in the SLB server pool, LLB link group, or GLB server
configuration.
To configure a health check:
1. Go to Shared Resources > Health Check.

2. Click Create New to display the configuration editor.
3. Select one of the following options:
l ICMP l TCP Half Open

l TCP Echo Connection
l TCP l TCP SSL
l HTTP l SNMP
l HTTPS l SSH
l DNS l L2 Detection
l RADIUS l UDP
l SMTP l SIP
l POP3 l SIP-TCP
l IMAP4 l SNMP-Custom
l RADIUS Accounting l RSTP
l FTP l MySQL
l Oracle l Diameter
4. Complete the configuration as described in Table 109.

5. Save the configuration.
You can clone a predefined configuration object to help you get started with a
user-defined configuration.
To clone a configuration object, click the clone icon that appears in the tools
column on the configuration summary page.
FortiADC Handbook 341
Table 109: Health check configuration
Settings Guidelines
General
Name Configuration name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.
After you initially save the configuration, you cannot edit the name.
Type Select a type of health check.
Destination l IPv4
Address Type l IPv6
Destination IP address to send health check traffic.

Address
In server load balancing deployments, if you do not specify an IP address, the real
server IP address is used. You might configure IP address for a health check if you
are configuring a combination of health checks to poll related servers.
In link load balancing deployments, if you do not specify an IP address, the

destination IP address is the address of the gateway. You can configure IP
address if you want to test connectivity to a beacon on the other side of the
gateway, or if you want to test whether service traffic is allowed to pass through
the link.
Hostname For HTTP or HTTPS health checks, you can specify the hostname (FQDN)
instead of the destination IP address. This is useful in VM environments where
multiple applications have the same IP address.
Interval Seconds between each health check. Should be more than the timeout to prevent
overlapping health checks. The default is 10.
Timeout Seconds to wait for a reply before assuming that the health check has failed. The
default is 5.
Up Retry Attempts to retry the health check to see if a down server has become available.
The default is 1.
Down Retry Attempts to retry the health check to see if an up server has become unavailable.
The default is 1.
Specifics
ICMP
No specific Simple ping to test connectivity.

options

Settings Guidelines
TCP Echo
No specific Simple ping to test connectivity.

options
TCP / TCP Half Open Connection / UDP
Port Listening port number of the backend server. Usually HTTP is 80, FTP is 21, DNS
is 53, POP3 is 110, IMAP4 is 143, RADIUS is 1812, and SNMP is 161.
TCP SSL
Port Listening port number of the backend server. Usually HTTP is 80, FTP is 21, DNS
is 53, POP3 is 110, IMAP4 is 143, RADIUS is 1812, and SNMP is 161.
SSL Ciphers Default selections are recommended.
Local Cert For TCP SSL only. Click the down arrow and select a local SSL Health Check
Client certificate from the list menu. The certificate titled "Factory" is the default
certificate shipped with your FortiADC. The rest, if any, are the custom
certificates that you have created.
HTTP/HTTPS
Port Listening port number of the backend server. Usually HTTP is 80. If testing an
HTTP proxy server, specify the proxy port.
SSL Ciphers For HTTPS only. Default selections are recommended.
Local Cert For HTTPS only. See TCP / TCP Half Open Connection / TCP SSL / UDP above.
HTTP If the real server pool members are HTTP proxy servers, specify an HTTP
CONNECT CONNECT option:
l Local CONNECT—Use HTTP CONNECT to test the tunnel connection through the
proxy to the remote server. The member is deemed available if the request returns
status code 200 (OK).
l Remote CONNECT—Use HTTP CONNECT to test both the proxy server response
and remote server application availability. If you select this option, you can configure
an HTTP request within the tunnel. For example, you can configure an HTTP
GET/HEAD request to the specified URL and the expected response.
l No CONNECT—Do not use the HTTP CONNECT method. This option is the
default. The HTTP CONNECT option is useful to test the availability of proxy servers
only.
See the FortiADC Deployment Guide for FortiCache for an example that uses
this health check.
Settings Guidelines
Remote Host If you use HTTP CONNECT to test proxy servers, specify the remote server IP
address.
Remote Port If you use HTTP CONNECT to test proxy servers, specify the remote server port.
Method Type HTTP method for the test traffic:
l HTTP GET—Send an HTTP GET request to the server. A response to an HTTP GET
request includes HTTP headers and HTTP body.
l HTTP HEAD—Send an HTTP HEAD request. A response to an HTTP HEAD request
includes HTTP headers only.
Send String The request URL, such as /contact.php.
Receive String A string expected in return when the HTTP GET request is successful.
Status Code The health check sends an HTTP request to the server. Specify the HTTP status
code in the server reply that indicates a successful test. Typically, you use status
code 200 (OK). Other status codes indicate errors.
Match Type What determines a failed health check?
l Match String
l Match Status
l Match All (match both string and status)
Not applicable when using HTTP HEAD. HTTP HEAD requests test status code
only.
DNS
Domain Name The FQDN, such as www.example.com, to use in the DNS A/AAAA record health
check.
Address Type l IPv4

l IPv6
Host Address IP address that matches the FQDN, indicating a successful health check.
RADIUS / RADIUS Accounting
Port Listening port number of the backend server. Usually RADIUS is 1812 and
RADIUS accounting is 1813.
Username User name of an account on the backend server.
Password The corresponding password.

Settings Guidelines
Password l User—If the backend server does not use CHAP, select this option.
Type l CHAP—If the backend server uses CHAP and does not require a secret key, select
this option.
Secret Key The secret set on the backend server.
NAS IP NAS IP address RADIUS attribute (if the RADIUS server requires this attribute to
Address make a connection).
SIP / SIP-TCP
Port Specify the port number. Valid values range from 0 to 65535.
SIP Request Specify the SIP request type to be used for health checks:
Type
l SIP Options
l SIP Register
Status Code The expected response code. If not set, response code 200 is expected. Specify 0 if
any reply should indicate the server is available.
SMTP
Port Listening port number of the backend server. Usually SMTP is 25.
Domain Name The FQDN, such as www.example.com, to use in the SMTP HELO request used
for health checks.
If the response is OK (250), the server is considered as up. If there is error

response (501) or no response at all, the server is considered down.
POP3
Port Listening port number of the backend server. Usually POP3 is 110.
IMAP4
Port Listening port number of the backend server. Usually IMAP4 is 143.
Settings Guidelines
Folder Select an email mailbox to use in the health check. If the mailbox does not exist
or is not accessible, the health check fails. The default is INBOX.
FTP
Port Listening port number of the backend server. Usually FTP is 21.
User name User name of an account on the backend server.
File Specify a file that exists on the backend server. Path is relative to the initial login
path. If the file does not exist or is not accessible, the health check fails.
Passive Select this option if the backend server uses passive FTP.
SNMP
Port Listening port number of the backend server. Usually SNMP is 161 or 162.
CPU Maximum normal CPU usage. If overburdened, the health check fails.
Memory Maximum normal RAM usage. If overburdened, the health check fails.
Disk Maximum normal disk usage. If the disk is too full, the health check fails.
Agent type l UCD

l Windows 2000
Community Must match the SNMP community string set on the backend server. If this does
not match, all SNMP health checks fail.
Version SNMP v1 or v2c.
CPU Weight 100
Memory 100
Weight
Disk Weight 100
SNMP-Custom
Port Listening port number of the backend server. Usually SNMP is 161 or 162.

Settings Guidelines
Community Must match the SNMP community string set on the backend server. If this does
not match, all SNMP health checks fail.
Version SNMP v1 or v2c.
OID String specifying the OID to query
Value Type Abstract syntax notation (ASN) value type:
l ASN_INTEGER
l ASN_OCTET_STR
l ASN_OBJECT_ID
l ASN_COUNTER
l ASN_UINTEGER
Compare Type l Equal

l Less
l Greater
Counter Value Specify the value for the evaluation.
SSH
Port Listening port number of the backend server. Usually SSH is 22.
Username Username for test login.
Password Corresponding password.
L2 Detection
No specific Link Layer health checker. Sends ARP (IPv4) or NDP (IPv6) packets to test
options whether a physically connected system is available.
RTSP
Port Specify the listening port number. Valid values range from 0 to 65535.
RTSP Method RTSP Options

Type
Status Code 200
MySQL
Settings Guidelines
Port Specify the listening port number of the MySQL server. Valid values range from 0
to 65535.
Username Specify the database user name. (Optional)
Password Specify the database password, if applicable.
MySQL Server Select either of the following:

Type
l Master (Default)
l Slave
Diameter
Origin Host Specify the FortiADC appliance that originates the Diameter message. The value
is in FQDN format and used to uniquely identify a Diameter node for duplicate
connection and routing loop detection.
Note: Some Diameter servers do not accept multiple connections from the same
origin host. If you set the origin host the same as the origin host (Identity) of the
Diameter load-balance profile and use the health check and Diameter load
balance profile in the same virtual server, the health check or the Diameter load-
balance profile may run into certain undefined problems.
Origin Realm Specify the realm of the FortiADC appliance that originates the Diameter
message. The value is in FQDN format.
Vendor ID Specify the type Unsigned32 vendor ID which contains the IANA "SMI Network
Management Private Enterprise Codes" value assigned to the vendor of a
Diameter application. The default is 12356.
Product Name Specify the type UTF8String product name which contains the vendor assigned
name for the product.
Host IPv4 Specify the type IPv4 address used to inform a Diameter peer of the sender's IP
Address address when the destination address type is IPv4. The default is blank, meaning
that it is the address of the FortiADC's outgoing interface.
Host IPv6 Specify the type IPv6 address used to inform a Diameter peer of the sender's IP
Address address when the destination address type is IPv6. The default is blank, meaning
that it is the address of the FortiADC's outgoing interface.
Auth Specify the type Unsigned32 authentication application ID used to advertise

Application ID support of the authentication and authorization portion of an application. This
filed is optional; the default is 0 (zero).

Settings Guidelines
Acct Specify the type Unsigned32 accounting application ID used to advertise support
Application ID of the accounting portion of an application. This field is optional; the default is 0
(zero).
Oracle Note: Oracle DB HC only supports Hardware models in 5.1.0
Port Listening port number of the OracleDB server.
Username Specify the database username
Password Specify the database password
Connect type Select one of the following:
l Service name
l SID
l Connect string
Service name Use this to specify the service name.
SID Use this to specify the SID
Connect String Use this to specify the connect string
Oracle-send- Send a string (command) to the OracleDb server

string
Oracle- The string we accept in order to receive

receive-string
Row The row in which the send string (command) takes effect
Column The column in which the send string (command) takes effect
Script
Port Specify the port that the script uses
Script Specify the script which we create or which we have pre-defined
Chapter 10: Shared Resources Monitoring health check status
In SLB deployments, a health check port configuration specifying port 0 acts as a

wildcard.The port for health check traffic is imputed from the real server pool
member.
In LLB and GLB deployments, specifying port 0 is invalid because there is no

associated configuration to impute a proper port. If your health check port
configuration specifies port 0, you will not be able to use it in an LLB or GLB
configuration.
Monitoring health check status
FortiADC enables you to monitor the health of server in real time directly from your desktop, as described below.
1. Click Shared Resources > Health Check.

2. Click the Health Check Monitor tab.
3. Configure the health check monitor as described in Table 110.
4. Click Start to perform the health check. The result will show in the Monitor Information.
Table 110: Checking server health
Parameter Description
IP Address Enter the IP address of the remote server.
Health Check Select the health check configuration.
Port Enter the port number, if applicable. Note: This field is available only
for health check configurations that require port numbers.
Creating schedule groups
You create schedule objects to use in link load balancing policies. A policy rule can be time-bound: one time,
daily, weekly, or monthly.
Basic Steps
1. Create a schedule object.

2. Select the schedule when you configure the link policy.
Before you begin:
l You must have Read-Write permission for System settings.
To create schedule objects:
1. Go to Shared Resources > Schedule Group.


Creating IPv4 address objects Chapter 10: Shared Resources
3. Give the schedule a name, save it, and add schedule members as described in Table 111.
Table 111: Schedule member configuration
Settings Guidelines
Name Unique group name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.
Member
Name Unique member name. Valid characters are A-Z, a-z, 0-9, _, and -. No spaces.
Type l One Time

l Daily
l Weekly
l Monthly
Start Date YYYY/MM/DD.
End Date YYYY/MM/DD.
Start Time HH:MM.
End Time HH:MM.
Creating IPv4 address objects
You create address objects to specify matching source and destination addresses in policies.
The following policies use address objects:
l Firewall policies
l QoS policies
l Connection limit policies
l Link load balancing policies
Note: For link load balancing, you can also add address objects to address groups, which can then be used in link
load balance policies.
Basic Steps
1. Create address objects.

2. Select them when you configure address groups or policies.
Note: Before you begin, you must have Read-Write permission for System settings.
Chapter 10: Shared Resources Configuring IPv4 address groups
To create an address object:
1. Click Shared Resources > Address.

4. Click Save.
Table 112: Address object configuration
Settings Guidelines
Type l IPv4/Netmask
l Address Range
IPv4/Netmask Specify a subnet using the IP address/mask notation.

(or
IPv6/Netmask)
Address Specify the start and end of an address range.

Range
Configuring IPv4 address groups
You configure address group objects when you have more than one address object you want to specify in rules
that match source or destination addresses. For example, if you subscribe customer 1 and customer 2 to a group
of links, then you can create rules that match the customer 1 OR customer 2 address space and load balance the
set of gateways assigned to them.
The following policies use address groups:
Basic Steps

2. Configure address group objects. You can add up to 256 members in a group.
3. Select the address groups when you configure your policies.
Before you begin:
To configure an address group:

2. Click the Address Group tab.

Creating IPv6 address objects Chapter 10: Shared Resources

5. Click Save.
Table 113: Address Group configuration
Settings Guidelines
Member List
Address Select an address object.
Creating IPv6 address objects
You create address objects to specify matching source and destination addresses in policies.
The following policies use address objects:
l Firewall policies
l QoS policies
Note: For link load balancing, you can also add address objects to address groups, which can then be used in link
load balance policies.
Basic Steps

2. Select them when you configure address groups or policies.
Note: Before you begin, you must have Read-Write permission for System settings.
To create an address object:
1. Click Shared Resources > IPv6 Address.

4. Click Save.
Chapter 10: Shared Resources Configuring IPv6 address groups
Table 114: IPv6 Address object configuration
Settings Guidelines
Type l IPv6/Netmask
l Address Range
IPv4/Netmask Specify a subnet using the IP address/mask notation.

(or
IPv6/Netmask)
Address Specify the start and end of an address range.

Range
Configuring IPv6 address groups
You configure address group objects when you have more than one address object you want to specify in rules
that match source or destination addresses. For example, if you subscribe customer 1 and customer 2 to a group
of links, then you can create rules that match the customer 1 OR customer 2 address space and load balance the
set of gateways assigned to them.
The following policies use address groups:
Basic Steps

2. Configure address group objects. You can add up to 256 members in a group.
3. Select the address groups when you configure your policies.
Before you begin:
To configure an address group:

2. Click the IPv6 Address Group tab.
3. Click Add to display the configuration editor.
5. Click Save.

Managing ISP address books Chapter 10: Shared Resources
Table 115: Address Group configuration
Settings Guidelines
Member List
Address Select an address object.
Managing ISP address books
ISP address books contain IP subnet addresses and associated province location settings for ISP links.
The following policies use the ISP address book objects:
l ISP routes
l LLB proximity routes
l LLB policies
l GLB data center configuration
The province setting is used in GLB deployments in China to enable location awareness that is province-specific.
For example, a user can be directed to a data center in specific location inside the country, such as Beijing or
Guangdong, rather than simply China.
Figure 75 shows the three types of address book entries:

l Predefined—Addresses and associated province location settings for China Mobile, China Telecom, and China
Unicom. The IP subnet addresses in the predefined address books are not exposed in the user interface. The
predefined package is provided to make it easier for you to configure a route when all you know and all you need to
know is the name of the ISP that hosts the link.
l Restored—Addresses imported from a text file. The IP subnet addresses in the restored address books are not
exposed in the user interface. “Restored” addresses can help you rapidly build an ISP address book configuration.
“Restored” addresses can help you rapidly build an ISP address book configuration.
l User-defined—In the ISP address configuration, you can modify the predefined and restored address books by
specifying subnets to add or exclude from them. This gives you flexibility in case you encounter address conflicts or
the ISP instructs you to add a subnet address manually.
You can also create new user-defined entries for other ISPs.
Note: In systems with multiple VDOMs, these commands apply to the current VDOM only. In other words, if you
configure an exclusion, it is applicable to the current VDOM only; it does not change the predefined address book.
You can use the Inquire utility to see whether an IP address belongs to any of the address books. If an address
can be found in more than one address book, the results are returned in the following priority:
Chapter 10: Shared Resources Managing ISP address books
1. User-defined
2. Restored
3. Predefined
Figure 75: ISP address book types
The text file for the Restored entries has the following format:
#this is a comment line
ISP name:ABC
Province:Beijing
1.1.1.0/24
Province:Unknown
2.2.0.0 255.255.0.0
#this is a comment line too
3.3.3.3/32
ISP name:DEF
Province:Shanghai
4.4.4.0 255.255.255.0
5.5.0.0/16
You use the Restore utility to import the file and the Back Up utility to export it.
You use the Clean utility to erase entries that were imported from the text file. The clean operation does not
affect the predefined addresses or user-configured entries. If a restored entry has user-configured elements (for
example, an exclude list), the clean operation clears the addresses but preserves the configuration and converts it
to a user-defined type.

Managing ISP address books Chapter 10: Shared Resources
Basic Steps
1. Create ISP address objects.

2. Select them when you configure your policies.
Note: Before you begin, you must have read-write permission for System settings.
Create an ISP address book object
To create an ISP address book object:
1. Click Shared Resource > Address.

2. Click the ISP Address tab.
3. Click Create New. The ISP Address dialog opens.
5. Click Save.
Table 116: ISP address object configuration
Settings Guidelines
Address Address/mask notation specifying a subnet to add it to the address book

entry.
Excluded Address Address/mask notation specifying a subnet to be excluded from the address
book entry. Create exclusions to predefined and restored address books only.
Note: This field applies to predefined and restored address books only; it is
not applicable or available for user-defined address books.
Chapter 10: Shared Resources Creating service objects
Settings Guidelines
Province Select the associated province location. The configuration supports the
following selections:
Anhui Henan Shanxi

(Taiyuan)
Beijing Hubei
Shanxi
Chongqing Hunan
(Xian)
Fujian Jiangsu
Sichuan
Gansu Jiangxi
Tianjin
Guangdong Jilin Liaoning
Xianggang
Guangxi Neimenggu
Xinjiang
Guizhou Ningxia
Xizang
Hainan Qinghai
Yunnan
Hebei Shandong
Zhejiang
Heilongjiang Shanghai
Unknown
Creating service objects
FortiADC provides more than two dozen predefined services, as shown on the Shared Resources > Service >
Service page. In addition, it allows you to create your service objects as well. Service objects are an important
part of the following policy configurations:
l Firewall policies
l QoS policies
Note: For link load-balancing, you can also add service objects to service groups; then use service groups in LLB
policies.
Basic Steps
1. Create service objects.

2. Select them when you configure service groups or policies.
Before you begin:
To create a service object:
1. Go to Shared Resources > Service.

2. Select the Service tab.

Creating service groups Chapter 10: Shared Resources

Table 117: Service object configuration
Settings Guidelines
Note: Once created, the name cannot be changed.
Protocol Type Select one of the following:
l ip (default)
l icmp
l tcp
l udp
l tcp-and-udp
l sctp
Protocol 1
Note: This applies only when Protocol Type is to set to IP. In that case, it displays
the protocol number without port.
Specify Source This option becomes available when TCP, UDP, SCTP, or TCP-AND-UDP is
Port selected as the protocol type. When selected, you also need to specify the
Minimum Source Port and Maximum Source Port below.
Minimum 1
Source Port
Maximum 65535
Source Port
Minimum 1
Destination
Port
Maximum -65535
Destination
Port
Creating service groups
You configure service group objects when you have more than one service you want to specify in a rule that
matches service. You can group all Web services and group all mail services, for example, if you want to have
Chapter 10: Shared Resources Creating service groups
rules that treat those as groups.
The following policies use service groups:
Basic Steps
1. Create service objects.

2. Configure service group objects. You can add up to 256 members in a group.
3. Select the service groups when you configure your policies.
Before you begin:
To configure a service group:
1. Go to Shared Resources > Service.

2. Click Service Group.
Table 118: Service Group configuration
Settings Guidelines
Name Specify a unique name for the service group configuration. Valid characters are A-
Z, a-z, 0-9, _, and -. No spaces.
Member List
Service Select a service object.


FortiADC Handbook Configuring Health Checks PDF

Uploaded by

Copyright:

Available Formats

FortiADC Handbook Configuring Health Checks PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

FortiADC Handbook Configuring Health Checks PDF

Uploaded by

Copyright:

Available Formats

Chapter 10: Shared Resources Configuring health checks

Chapter 10: Shared Resources

This chapter includes the following topics:

l "Configuring health checks" on page 340.

Configuring health checks

340 FortiADC Handbook

LB_HLTHCK_ICMP Pings the server.

Before you begin:

To configure a health check:

1. Go to Shared Resources > Health Check.

l ICMP l TCP Half Open

4. Complete the configuration as described in Table 109.

Table 109: Health check configuration

Type Select a type of health check.

Destination IP address to send health check traffic.

In link load balancing deployments, if you do not specify an IP address, the

No specific Simple ping to test connectivity.

342 FortiADC Handbook

No specific Simple ping to test connectivity.

TCP / TCP Half Open Connection / UDP

SSL Ciphers Default selections are recommended.

SSL Ciphers For HTTPS only. Default selections are recommended.

Method Type HTTP method for the test traffic:

Send String The request URL, such as /contact.php.

Match Type What determines a failed health check?

Address Type l IPv4

RADIUS / RADIUS Accounting

Username User name of an account on the backend server.

Password The corresponding password.

344 FortiADC Handbook

Secret Key The secret set on the backend server.

If the response is OK (250), the server is considered as up. If there is error

Username User name of an account on the backend server.

Password The corresponding password.

Username User name of an account on the backend server.

Password The corresponding password.

User name User name of an account on the backend server.

Password The corresponding password.

Agent type l UCD

Version SNMP v1 or v2c.

Disk Weight 100

346 FortiADC Handbook

Version SNMP v1 or v2c.

OID String specifying the OID to query

Value Type Abstract syntax notation (ASN) value type:

Compare Type l Equal

Counter Value Specify the value for the evaluation.

Username Username for test login.

Password Corresponding password.

RTSP Method RTSP Options

Status Code 200

Username Specify the database user name. (Optional)

Password Specify the database password, if applicable.

MySQL Server Select either of the following:

Auth Specify the type Unsigned32 authentication application ID used to advertise

348 FortiADC Handbook

Oracle Note: Oracle DB HC only supports Hardware models in 5.1.0

Port Listening port number of the OracleDB server.

Username Specify the database username