hi all, We go to deploy F5 apm for a SSL VPN in our environment, we need experts advice to design the deployment. We are presently using Microsoft UAG and our current setup is below Public -> Checkpoint -> UAG(in DMZ with 2 arm - 1 lan and 1 for dmz) Pls help us.

You may refer to the link for the details regarding ACL for Network Access. http://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-network-access-11-5-0/2.html

Deployment of F5 APM - SSL VPN,

12 Replies

kunjan
Nimbostratus
May 22, 2014
You can follow the same topology with 2-arm (DMZ and LAN). Is there anything specific you are looking for?
- Mariappan_S_156
  Nimbostratus
  May 23, 2014
  Thanks for reply. Our vendor has advises us to put firewall between F5 device and LAN connectivity and all the traffic between F5 to LAN should travel through mention firewall. Can F5 box do the firewall protection for LAN connectivity? What is your advice? Need a firewall or can achieve firewall protection with F5 itself.
kunjan_118660
Cumulonimbus
May 22, 2014
You can follow the same topology with 2-arm (DMZ and LAN). Is there anything specific you are looking for?
- Mariappan_S_156
  Nimbostratus
  May 23, 2014
  Thanks for reply. Our vendor has advises us to put firewall between F5 device and LAN connectivity and all the traffic between F5 to LAN should travel through mention firewall. Can F5 box do the firewall protection for LAN connectivity? What is your advice? Need a firewall or can achieve firewall protection with F5 itself.
kunjan
Nimbostratus
May 23, 2014
The use of firewall on the LAN side will help to control the VPN user traffic, provided you require to have granular control on the VPN traffic.
- Mariappan_S_156
  Nimbostratus
  May 23, 2014
  I accept, But pls confirm, how possible the same granular control through ACL in F5 APM. If we can then we skip the additional firewall purchase.
kunjan_118660
Cumulonimbus
May 23, 2014
The use of firewall on the LAN side will help to control the VPN user traffic, provided you require to have granular control on the VPN traffic.
- Mariappan_S_156
  Nimbostratus
  May 23, 2014
  I accept, But pls confirm, how possible the same granular control through ACL in F5 APM. If we can then we skip the additional firewall purchase.
kunjan_118660
Cumulonimbus
May 23, 2014
You may refer to the link for the details regarding ACL for Network Access.

http://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-network-access-11-5-0/2.html
- Mariappan_S_156
  Nimbostratus
  May 27, 2014
  thanks for useful information..
kunjan
Nimbostratus
May 23, 2014
You may refer to the link for the details regarding ACL for Network Access.

http://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-network-access-11-5-0/2.html
- Mariappan_S_156
  Nimbostratus
  May 27, 2014
  thanks for useful information..

Forum Discussion

Deployment of F5 APM - SSL VPN,

12 Replies

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Does F5 Rules for AWS WAF - Common Vulnerabilities & Exposures Mitigate Log4J vulnerabilities

Credentialed Scanning - F5OS - Rseries

WebSocket connection to 'wss://...' failed: Invalid frame header

f5 asm reporting aggregate

rSeries 4600 additional Core Enable

Related Content

Where are F5's archived deployment guides?

Salesloft Drift, VPNs and Roundup

BIG-IP Next for Kubernetes Nvidia DPU deployment walkthrough

Automating F5 Application Delivery and Security Platform Deployments

Deploying a VPN on the BIG-IP APM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS