Forum Discussion
APM VPN ICMP not working
So I have a little lab setup, and I have created a SSL VPN with a network access profile. Everything TCP related works to my backend (HTTP; HTTPS etc), but for some reason I can't ping any backend server. I just get a:
36 bytes from [self-ip-of-F5]: Dest Unreachable, Bad Code: 9
Now I've tried various things: 1) Added ICMP allow all to ACLs (note: there are no other ACLs on the F5) 2) Allowed SNAT for ALL traffic (under System -> Configuration -> Local Traffic -> General)
But nothing works - I get the same error.
Now I know my SSL VPN VS is a TCP VS, but isn't the concept that there is a TCP tunnel between the client and the F5, and that the ICMP would come out of this tunnel, get SNATTED and then be able to get to the backend?
1 Reply
- kunjan
Nimbostratus
Under Network Accesss config there is SNAT Pool, try changing it to AutoMap, also try proxy arp.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com