For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Richard_22613's avatar
Richard_22613
Icon for Nimbostratus rankNimbostratus
Mar 25, 2013

F5 Lync iApp with Cisco firewalls

I have configured the Lync iApp on a F5 LTM in our DMZ behind a Cisco firewall.   The client AV traffic goes through the firewall, hits the F5, which sends it on to one of the edge servers (in the...
microsoft
partner
MVA's avatar
MVA
Icon for Nimbostratus rankNimbostratus
Aug 07, 2013
Brian, my understanding is some Lync traffic can't be SNATted, hence the default GW of the F5. Also, the Lync servers can initiate a connection to external clients, this is where the Forwarding VIP comes into play. Lync servers had default GW as F5, F5 then needs to have a mechanism for accepting this traffic (Wildcard forwarding VIP) and what to do with it (Default route). So step 3. for your list is to ensure a route for this traffic from Lync servers to external clients. Our F5 config, we have specific routes for our internal networks and specified the default route as the next hop for external traffic, which is our firewall.

 

 

regards,

 

Mel