Forum Discussion
kuldeep_Thakur_
Jul 18, 2012Nimbostratus
F5 is replacing source address of my servers with floating self ip of engress vlan
HI guys i am new to f5 so dont knwo if i have configured it correctly or not . I have two Vlan's configured on My F5 . Engress Vlan(115) and Ingress Vlan(114). My servers are on Ingress Vlan and Clinets on engress side. SO i have created VS on Engress Vlan with Pool of my servers . When client send request to the VS VIP the source address on my server is the VS address and when server reply to client the source is again the VS address which seems to be ok . But the issues is that whn my servers try to send a request to Clients the source address is replaced by floating IP of my F5 engress VLAN. I want when ever any client wants to talk to my servers directly or vica virsa the source address should remain the orginal.
Right now i have configured Automap Snat and configured default gateway *.* to my engress router connect to my F5 engress Vlan Interface.
My servers have F5 ingress self floating IP as default gateway .
And if i dont use snat there is no comunication between engress Vlan and ingress vlan.
Thanks for the help as i new to F5 and dont know what is going on.
Thakur
- Nick_T_68319NimbostratusDisable automap and you should see the client's source address. Everything should work fine as long as your servers have the f5's self ip as their default gateway
- kuldeep_Thakur_NimbostratusHi Nick Thanks for the reply. But when i disable the Snat Auto map , the comunication between both the Vlan is broken and i canot reach my servers directly.from the clients. And when my clients are sending request directly to my server's Ip everything is working fine but when server sends the request to Clients the source IP is the IP of my Ingress Vlan Floating IP.
- nitassEmployeedo you have another snat setting besides under virtual server configuration?
- kuldeep_Thakur_Nimbostratusfollowing is the out put of the command:-
- nitassEmployeebigip is a default-deny device. to allow traffic from one vlan to another, at least one listener object has to be configured. there are 3 listener object types which are virtual, snat, nat.
[root@ve10:Active] config b virtual list virtual vs_incoming { pool pool_server destination 172.28.19.79:80 ip protocol 6 profiles { http {} tcp {} } } virtual vs_outgoing { ip forward destination any:any mask 0.0.0.0 } [root@ve10:Active] config b route list route default inet { gateway 172.28.19.254 } [root@ve10:Active] config b snat list No SNATs were found.
- kuldeep_Thakur_NimbostratusThanks nitass i will try and will update.
- kuldeep_Thakur_NimbostratusThanks Nitass it was awesome..... :) everything is working fine ..
- kuldeep_Thakur_NimbostratusThanks Nitass it was awesome..... :) everything is working fine ..
- kuldeep_Thakur_NimbostratusThanks Nitass it was awesome..... :) everything is working fine ..
- nitassEmployeecool! thanks for update. ;-)
Recent Discussions
Related Content
Â
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects