Forum Discussion

Nimbostratus

Oct 30, 2025

Cannot ping external interface

Hi All, first post here, first time F5 devices and a complete novice. I have a couple of BIG-IP devices and the luxury to play and learn before we go live. I have one I am sure is going to be a si...

deployment

peeryog

Nimbostratus

Nov 07, 2025

OK, wow, its very obvious I don't know what I am doing.

I did check the lockdown, thanks for that advice, and set it to default. I see that it allows 443 through, not port 80 which is fine.

However, on the public facing side, it is working, but it is presenting the Big IP Management LogIn page, not the servers in the pool . How this is works I do not know as they are on their own VLAN which is ostensibly completely separate from the pool, any routing table and so on.

When I first got the devices I spent some time following a tutorial to set this up and it worked just fine. The only difference was the external network was connected to an internal LAN so that I could understand how this worked and work it did. The webserver are on their own DMZ VLAN and all worked as expected . I had not set up any self IPs . However as soon as I changed the IP of the virtual server to a different IP and network, I have not been able to get this to connect and it has been days of trying to determine what the BiGIP wants and I have probably completely messed up the configuration in attempting to get this to work

CA_Valli

MVP

Nov 07, 2025

One thing is the self-ip address, one other thing is the virtual server.

Self-ip address belong to .. "self", which is F5 indeed, so if you connect to them you should expect F5 to respond with the F5 management interface! :)

"How this works" is tricky - as f5 keeps separate routing table for data plane and management plane. But essentially, allowing access to a self-ip is opening the management plane access through the network (again, there's a reason why it's locked down by default).

If you need F5 to act as a full-proxy (hey, that's his job!) and publish a web server, you need to set up a virtual server. All of the objects you need to do this are found in the "traffic management" menu. This includes your pool and all the other stuff.
Check my other comment to have a better understanding on what you need to connect F5 to the network, and once that is set up and ready, you can create services "on top" of the deployment you just set up.

Understanding how this works is part of the fun :) but feel free to ask if you still have any doubt

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Cannot ping external interface

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

Application Programming Interface (API) Authentication types simplified

External Monitor Information and Templates

TACACS+ External Monitor (Python)

CSV to Address External Datagroup File

snmp-check external monitor

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS