Forum Discussion

Nimbostratus

Dec 19, 2011

F5 LTM Question

I have 2 vlans , external & Internal Internal Vlan has some servers , External is connected to internet my questions is : Q1 : If traffic received on external vlan is n...

config

design

hooleylist

Cirrostratus

Dec 19, 2011

Q2 : If traffic is initiated from server behind internal vlan , this server is not member of any pools , will it be routed according to F5 Routing table ( same as router ) or traffic will be dropped ?

As Hamish said, it doesn't matter if the host originating the connection is a member of a pool. Traffic will only be passed if the destination IP:port matches a virtual server or the client matches a SNAT. I much prefer using virtual servers over SNATs as you have more visibility and control using a virtual server.

If you do create wildcard address virtuals make sure to enable them only on the ingress VLAN(s) you want to allow clients from. Creating a 0.0.0.0:0 virtual server enabled on all VLANs will allow any client that can reach LTM to traverse LTM.

Aaron

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

F5 LTM Question

Recent Discussions

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Switch ssl profile based on weak cipher detection via IRULE

full-proxy HTTP2

Decode ObjectSID from Base64-encode string

Related Content

F5-LTM active directory and http/s

F5 LTM upgrade question

Monitor Testing question

SNAT question

irule redirect question

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS