Forum Discussion
pekka_kovesjar2
Nimbostratus
NimbostratusAccess local resource in BIG-IP connected network through APM portal access resource
Hi
Accessing web-app with APM portal access resource app server response SAML POST to URI https://newaddress.company.com. DNS entry newaddress.company.com resolves IP to same public subnet (of ...
You just need a route. If you want the route on a tmm interface (which I assume you mean when you say connected subnet), just go to Network -> Routes and add your gateway with public IP access on that subnet as a route to the relevant /32's that newaddress.company.com resolves as.
pekka_kovesjar2Hi Josiah f5 connected networks = f5 device own interfaces > IP-addresses are on those networks, tmm or mgmt. In this case I'm talking about that public facing network. For example mask is /24, default gateway is .1.1.1.1/24, f5 self-IP is .1.1.1.2/24, APM VIP is 1.1.1.3/24. and newaddress.company.com is 1.1.1.5/24. For that reason I do have route to 1.1.1.5. Address 1.1.1.5 is ADFS proxy made with Microsoft techniques. Because f5 is configured to use only internal DNS-servers (split DNS => internals answer private addresses) I did static host entry to f5 for newaddress.company.com. Tested fron CLI that f5 resolves right IP. I can also see on decodec (hex-to-text) APM URI that hostname on URI is that .newaddress.company.com. TCPDUMP -nni 0.0 host 1.1.1.5 don't show any traffic when f5 try to connect newaddress.company.com. -Pekka-
Seth_CooperEmployee
Hi Pekka, APM Portal Access isn't able to use the BigIP hosts file for name resolution. You will have to configure the external DNS server (configured in the system settings) to resolve the name of newaddress.company.com. -Seth
