For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Fotios_30046's avatar
Fotios_30046
Icon for Nimbostratus rankNimbostratus
Sep 21, 2009

Access Control Between VLANs On BigIP

We have a pair of 3400's in the following configuration:     -8 port trunk with 4 vlans   -vlan 1 is public connecting bigip to firewall   -vlan 2 is production web   -vlan 3...
management
monitoring
Josh_41258's avatar
Josh_41258
Icon for Nimbostratus rankNimbostratus
Sep 23, 2009
Aaron,

 

 

Wondering if you could give me a bit of advice regarding this... I also have several VLAN's configured on my LTM's. Each VLAN has its own router (172.26.90.1 for example). I would like to prevent chatter between the different "internal" VLAN's on my F5. I already bind each virtual server to a specific "external" VLAN.

 

 

For servers that use the LTM's as their default gateway, I had a wildcard forwarding virtual server (0.0.0.0) which worked, but if I understand correctly, allowed inner-VLAN communication that I don't necessarily need. I see that you recommended creating a pool for each VLAN containing the router as a pool member and then create a performance layer 4 VIP. I am confused on how to create this VIP, and what address it should use?

 

 

Thanks,

 

 

Josh