For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

SSHSSH_97332's avatar
SSHSSH_97332
Icon for Nimbostratus rankNimbostratus
Dec 19, 2011

F5 LTM Question

I have 2 vlans , external & Internal   Internal Vlan has some servers , External is connected to internet   my questions is :       Q1 : If traffic received on external vlan is n...
config
design
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Dec 19, 2011
Q2 : If traffic is initiated from server behind internal vlan , this server is not member of any pools , will it be routed according to F5 Routing table ( same as router ) or traffic will be dropped ?

 

 

As Hamish said, it doesn't matter if the host originating the connection is a member of a pool. Traffic will only be passed if the destination IP:port matches a virtual server or the client matches a SNAT. I much prefer using virtual servers over SNATs as you have more visibility and control using a virtual server.

 

 

If you do create wildcard address virtuals make sure to enable them only on the ingress VLAN(s) you want to allow clients from. Creating a 0.0.0.0:0 virtual server enabled on all VLANs will allow any client that can reach LTM to traverse LTM.

 

 

Aaron