F5 DNS Configured behind Firewall but not working as expected

Question

Hi All,&nbsp;
I have configured F5 DNS which is connected behind firewall to serve DNS. Firewall is doing NAT and translated to private IP addresses.&nbsp;
Clients --&gt; FW (NAT) --&gt; F5 DNS ---&gt; VIP (private ip)&nbsp;
I have configured servers with private ip 10.1.1.1 and 20.1.1.1 with translation IP address (public) 62.1.1.1 and 72.1.1.1.on GSLB Servers--&gt; Virtual servers, I have dded VIP's NAT address as translation address.
After above configurations i have tried nslookup from internet and i am getting private IP address as DNS response. I am expecting VIP's translation address as DNS response but in my case it is not.&nbsp;
Can some one help please.&nbsp;
-&nbsp;

only1masterbla1 · Answer

on GSLB Servers--&gt; Virtual servers, VIP should have external IP and translation address should be internal IP (real IP). Is it configured this way?&nbsp;

nathe · Answer

From the following solution Configuring BIG-IP DNS server objects for BIG-IP devices that reside behind a firewall NAT the Address will be the Public IP address that is returned to the external client. The Translation address is the internal VIP, private IP address.&nbsp;
Hope this helps,&nbsp;
N&nbsp;

Forum Discussion

F5 DNS Configured behind Firewall but not working as expected

2 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

F5 AFM/Edge Firewall and the difference between Edge Firewalls and Next-generation Firewalls (NGFW)

Introduction to F5 BIG-IP Advanced Firewall Manager (AFM)

Configuring BIG-IP AFM firewall policies and rules with Ansible

BIG-IP Next Edge Firewall CNF for Edge workloads

Securing the LLM User Experience with an AI Firewall

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS