Forum Discussion
CirrostratusAFM acting as a Gateway !
In My setup, AFM connected to core and server farm connected to core. VLAN 2 configured for Server farm reach AFM inside interface as a gateway.
AFM outside interface act as External .
My query is in server farm, i have 25 vlans and need to restrict traffic between this, Can AFM policy base rule will control this.
since all are connecting to only inside interface,
I need to submit the design, please provide the what AFM does for traffic coming and going on same interface?
Stanislas_Piro2Cumulonimbus
BigIP route traffic from one VLAN to another and doesn't matter if those VLANs share the same interface or not.
To allow routing through BigIP, you must create forwarding VS with destination network (ex : 0.0.0.0/0)
If you want to build different AFM policies based on incoming VLAN, you can create as many virtual servers as VLAN number:
- virtual FWD_inside
- type : forwarding IP
- destination : 0.0.0.0/0
- destination port : Any
- protocol : Any
- enable on VLAN : inside
- AFM policy : Policy_inside
- virtual FWD_outside
- type : forwarding IP
- destination 0.0.0.0/0
- destination port : Any
- protocol : Any
- enable on VLAN : outside
- AFM policy : Policy_outside
- ...
- virtual FWD_inside
SWJOusing route-domain can solve easily.