f5 snat list translation and issue with telnet and wget

Question

hi all,
&nbsp;i've this situation:&nbsp;server as01 -&gt; f5 -&gt; external system&nbsp;&nbsp;&nbsp;- only the f5 has visibility of external system (10.193.91.198) 
&nbsp;- f5 is the default gateway on internal vlan of server as01
&nbsp;- a snat translation list is made with the ip 10.193.91.198&nbsp;
&nbsp;from the f5 the external system is reachable:&nbsp;&nbsp; &nbsp;[root@f5:Active] config  tcptraceroute
10.193.91.198 -p 80&nbsp;traceroute to 10.193.91.198 (10.193.91.198), 30
hops max, 40 byte packets&nbsp;1   (10.193.37.1)  0.613 ms
*  (10.193.37.1)  0.992 ms&nbsp;2  * * *&nbsp;3  * * *&nbsp;4  * * *&nbsp;5   (10.193.91.198)  15.436
ms  15.296 ms  15.325 ms&nbsp;[root@f5:Active] config  telnet 10.193.91.198
80&nbsp;Trying 10.193.91.198...&nbsp;Connected to 10.193.91.198 (10.193.91.198).&nbsp;Escape character is '^]'.&nbsp;^]&nbsp;telnet&gt; quit&nbsp;
&nbsp;but from the server as01 i've a strange issue:
&nbsp;- ping works
&nbsp;- tcptraceroute with specific port 80 works
&nbsp;- telnet (or wget) to specific port 80 doesn't work&nbsp;&nbsp;[root@SC-MUC-tgepreas01 ~] ping 10.193.91.198&nbsp;PING 10.193.91.198 (10.193.91.198) 56(84) bytes
of data.&nbsp;64 bytes from 10.193.91.198: icmp_seq=1 ttl=255
time=0.205 ms&nbsp;64 bytes from 10.193.91.198: icmp_seq=2 ttl=255
time=0.160 ms&nbsp;64 bytes from 10.193.91.198: icmp_seq=3 ttl=255
time=0.210 ms&nbsp; &nbsp;--- 10.193.91.198 ping statistics ---&nbsp;3 packets transmitted, 3 received, 0% packet
loss, time 2000ms&nbsp;rtt min/avg/max/mdev = 0.160/0.191/0.210/0.027
ms&nbsp;[root@SC-MUC-tgepreas01 ~] tcptraceroute
10.193.91.198 -p 80&nbsp;traceroute to 10.193.91.198 (10.193.91.198), 30
hops max, 40 byte packets&nbsp;1  sctgepreextservitds
(10.193.91.198)  0.561 ms  0.542 ms  0.530 ms&nbsp;[root@SC-MUC-tgepreas01 ~] &nbsp;[root@SC-MUC-tgepreas01 ~] &nbsp;[root@SC-MUC-tgepreas01 ~] telnet
10.193.91.198 80&nbsp;Trying 10.193.91.198...&nbsp;telnet: connect to address 10.193.91.198:
Connection refused&nbsp;telnet: Unable to connect to remote host:
Connection refused&nbsp;[root@SC-MUC-tgepreas01 ~]&nbsp;&nbsp;
&nbsp;any ideas?
&nbsp;can anyone help me please?&nbsp;&nbsp;thanks in advice &nbsp;&nbsp;&nbsp;

rise_77519 · Answer

Hi,&nbsp;&nbsp;
I think that you should also create a network  forwarding vs on the f5.  all vlan should enabled for the server vlan and destination ip should set 0.0.0.0 and net mask 0.0.0.0 . &nbsp;&nbsp;&nbsp;

emilio_104458 · Answer

hi Rise, 
&nbsp; thanks for ur support. with this virtual server (also configured to auto map the snat pool) all works. 
&nbsp;  
&nbsp; thanks a lot

Forum Discussion

f5 snat list translation and issue with telnet and wget

Recent Discussions

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

Related Content

GTM Translation

Network Translations

Seeking Guidance on Enabling Telnet Access via SSH Proxy Using F5 BIG-IP LTM

Mgmt monitor issue

XC - azure cloud Credentials issues

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS