Forum Discussion
Explicit proxy and snat-pools
Thanks, ill try this now!
What confuses me a bit is i dont really know what the wildcard actually does. If i read the doc for default-connection-handling, it says that a VS must be created for the outbound connection, if not the connection will be dropped (if connection-handling is set to deny). Im just struggeling a bit to see the difference for the actual connection setup between "allow" and "deny". If the BigIP in "allow" mode just sets up the connection to the server, what difference does the wildcard VS make on the return traffic?
It seems that the forum has an article to test whether http and https traffic can be proxyed in Deny and Allow modes(you call search this article). if Allow is set, equal "firwall acl permit any", permit dns resolvers resolving the destination IP traffic of the destination domain name.
Note that the zone of DNS Resolvers should be set to ".", otherwise, if your proxy domain name is not in the zone, BIGIP will report a 503 status code
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com