Forum Discussion
Anti-Spam behind F5 LTm
- Tamer_Ezzat_235Jan 10, 2018Nimbostratus
Thanks Kolom
However I need to allow the Anti-Spam node to initiate a connection to the internet on port 3888 is that option applicable ?
what I understood from this link that forwarding Virtual server is based on the destination port on the internal node while what I am asking for is how can I allow connection from internal node to internet on destination ports like 3888, 9993 ect., ?
Did you get my point
Thanks
- kolomJan 10, 2018Altostratus
Hello , check "Emulating stateless IP routing with BIG-IP LTM forwarding virtual servers" part.
You can configure a wildcard VS with all ports ,specific protocol ( TCP , UDP ) , and specifying a source address of your node .
In this case , you'll be using F5 as Antispam's default GW.
- Tamer_Ezzat_235Jan 10, 2018Nimbostratus
Hello,
in my case F5 will not be as Antispam's default GW what is the solution in this case ? SNAT Automap ?
- kolomJan 10, 2018Altostratus
- In a full proxy design , you have client side and server side connections.
- Automap/SNAT is being used in server side , which in your case between F5 and the next L3 Hop.
- Traffic from your node ( Client Side part of the connection ) should be directed to F5 to hit the configured Forwarding VS.
- To do that you can change the default GW on the node , create static route for specific destination on the node , or use PBR(policy based routing) on an intermediate hop to direct specific traffic to F5.
- Tamer_Ezzat_235Jan 10, 2018Nimbostratus
Great
1- (policy based routing) on an intermediate hop to direct specific traffic to F5 is already done
So I will create Forwarding VS with source IP address of the Anti-spam node and destination with 0.0.0.0 and any ports
correct ?
- kolomJan 10, 2018Altostratus
Yes , you are correct. Check "Emulating stateless IP routing with BIG-IP LTM forwarding virtual servers" and read the notes as you may need to change the default values on the FastL4 profile based on your network environment.
- Tamer_Ezzat_235Jan 10, 2018Nimbostratus
Many thanks Kolom,
I will check this solution and I will update you
Thanks again
- Tamer_Ezzat_235Jan 11, 2018Nimbostratus
Thanks Kolom
It is worked with me.
Thanks
- kolomJan 11, 2018Altostratus
URW Tamer , Happy to help :)
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com