For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

What_Lies_Bene1's avatar
What_Lies_Bene1
Icon for Cirrostratus rankCirrostratus
Nov 14, 2013

OK, understood, so, you could switch to a Performance L4 VS and make each firewall a Pool member and simply use round robin load balancing to distribute the connections. This should work fairly well for inbound connections.

 

Assuming you have outbound connections too I'd suggest you stick with the IP Forwarding VS.

 

So, create a new Perf VS only enabled on the external VLAN, change the existing Forwarding VS so it's only enabled on the internal VLAN.

 

On the internal side of the firewall, what handles the failover at present? If you're using VRRP I'd imagine with my plan above a connection could pass inbound through one firewall and outbound via another? Do they share state?