Can Access F5 without Default Route

Question

i found that i can access my F5 LTM from external networks ( on Self IPs of the interfaces ) , even i forgot to put Default route on it ?&nbsp;&nbsp;&nbsp;&nbsp;

nitass · Answer

can you disable auto last hop and try again? 
&nbsp;  
&nbsp; sol11796: Overview of the Auto Last Hop setting 
&nbsp; http://support.f5.com/kb/en-us/solutions/public/11000/700/sol11796.html

hooleylist · Answer

Is that a problem SSHSSH or are you just wondering how it's working?  As Nitass suggested, with Auto Lasthop enabled, TMM will respond out the same switch port as it received the connection, ignoring any routes. &nbsp;
&nbsp; Aaron

hamish · Answer

Just to add to what Aaron said... The auto last-hop explicitly uses the MAC address of the sender as the destination when replying. The last-hop MAC address is taken from the inbound packet when the entry is placed in the connection table.  
&nbsp;  
&nbsp; H

sshssh_97332 · Answer

Thanks all .  but the behaviour i found is : 
&nbsp; i can manage device from external subnets ( with no routes ) 
&nbsp; i cannot reach pool members ( using Virtual IP of VS ) from external subnets , when i put route to these subnets it worked . 
&nbsp; So , if it is related to Autolast hop , the second scenario should have worked without the route ? &nbsp;

nitass · Answer

i cannot reach pool members ( using Virtual IP of VS ) from external subnets have you captured packet? did you see packet reaching virtual server?

Forum Discussion

Can Access F5 without Default Route

Recent Discussions

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

Related Content

Set Virtual Default Pool

Setting default route using VLANs

F5 Website Accessibility Survey

vcmp system factory default

changing DEFAULT ciphers v14.x

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS