Forum Discussion

Mike_61640's avatar
Mike_61640
Icon for Nimbostratus rankNimbostratus
Sep 03, 2012

Creating VS for a network not directly connected

Hi,   I have a network that has a DMZ (10.1.1.0/24) and an Internal (10.2.2.0/24) network directly connected to the F5 LTM. The Internal network also has access to other networks (172.16.0.0/24) ...
config
design
Thomas_Schocka1's avatar
Thomas_Schocka1
Icon for Altocumulus rankAltocumulus
Sep 04, 2012
Hi Mike,

 

 

 

You need to check the following items:

 

- does the F5 have a route to the 172.16.0.0/24 subnet?

 

- does the F5 have a Forwarding (IP) type Virtual Server for this network?

 

- is the Forwarding (IP) Virtual Server for this 172.16.0.0/24 network enabled on all VLAN's that will be using the F5 as a router for this network?

 

- do the servers know they have to route packets for this network to the F5? (e.g. do they have the necessary routes?)

 

- if it's not the servers directly, does the firewall or router know how to find the F5 on this network?

 

- have you checked for any asymmetric routing between the servers in DMZ and those behind it? (e.g. packets go over the F5 but might return through the firewall because the destination server doesn't have a route back to the F5 directly)

 

 

Kind regards,

 

 

Thomas