Forum Discussion
F5 Virtual appliance - VLAN Management
Hello Folks,
Can someone help me deploying my virtual F5 appliance for a small lab purpose? I have F5 Management bridged with my wireless, so I can access the management interface as and when I connect to the new Wireless Access Point.
The challenge is, how can I use another 2 interfaces in different VLANs, and allow communication from Host machine to guest machine for the traffic processing VLAN and not the management VLAN.
Shall I NAT, Host-only, VMNet or any other option to achieve my need?
The whole purpose is to have a functional setup, where my host machine can access Virtual Servers, and Virtual servers should have internet access.
Can someone please help?
Thank you,
When you provision a Host Only interface you must tick the option which says to create the interface in Windows otherwise it will not actually create a virtual interface which the OS needs to talk to the VM.
Also when you have a NAT interface your default route should be to the .2 address and not the .1 address.
- Kevin_Davies_40Nacreous
The VLAN's you want the F5 VE to communicate with the Internet must be set to NAT in Vmware. By default the PC address in the network is .1. When using NAT the route to the Internet is via .2.
For example an external vlan you might set it to host-only because it does not require any Internet access. This will be requests generated by you sent to VIP's on the BIGIP. Then the internal vlan would be set to NAT and a default route created on the BIGIP that points to .2 address. This means your bigip can not only reach services on your PC via .1 it can also reach servers beyond your PC via .2 using the default route.
There really is no need to have the management address available externally to the PC if you are the only person using it so I recommend Host only.
Sample Addressing - First Interface assigned to VM (Host only) Management (eth0) Existing External VLAN (1.1) - Second Interface assigned to VM (NAT) PC 192.168.74.1 SelfIP 192.168.74.10 Default Route to 192.168.74.2 Internal VLAN (1.2) - Third Interface assigned to VM (Host Only) PC 192.168.87.1 SelfIP 192.168.87.10
- swo0sh_gt_13163Altostratus
Thanks Kevin,
I have configured interfaces as you've suggested. And I can access the appliance using the Management IP address and Internal VLAN self IP address. However I don't have internet access from the F5 console.
The default route is pointing as 0.0.0.0/0 => 192.168.20.1 (InternalVLAN IP address).
Management (Host only) 192.168.10.0/24
External VLAN (1.1) - (NAT) 192.168.20.0/24
Can reach 192.168.20.1 successfully.
Internal VLAN (1.2) - (Host Only) 192.168.30.0/24 Cannot reach 192.168.30.1
I am sure I made a configuration mistake somewhere. As I don't internet access from F5, and none of the Host-only interfaces are reaching their gateway, .1
Can you correct?
- swo0sh_gt_13163Altostratus
I have uploaded the interface configuration image for your reference, if that helps.
https://cloud.helpag.com/public.php?service=files&t=ab59103f7ca946945c14dcbeaefe11d2
Thanks, Darshan
- Kevin_Davies_40Nacreous
When you provision a Host Only interface you must tick the option which says to create the interface in Windows otherwise it will not actually create a virtual interface which the OS needs to talk to the VM.
Also when you have a NAT interface your default route should be to the .2 address and not the .1 address.
- swo0sh_gt_13163Altostratus
Thanks Kevin,
I think in VMware workstation, it is default option to create an adapter for host based interface, and I have verified it again and found it is available in my network settings.
However I didn't get the idea of the default route for NAT interface? I have 1.1 (External) interface configured as NAT, and unfortunately my F5 still doesn't have access to the internet.
Is there anything to be considered?
Cheers!
- Kevin_Davies_40Nacreous
Is your default route now pointing to 192.168.20.2?
- swo0sh_gt_13163Altostratus
Hey Kevin,
Guest what! It is working after pointing the default route to 192.168.20.2
Perfect! Thank you very much!!
- Kevin_Davies_40NacreousHi, if this solved your problem can you tick the box to the left of the post that provided the solution :-)
- swo0sh_gt_13163Altostratus
Sure, I did that. :)
Thanks for bringing it to my notice, I will follow this in future.
Cheers!
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com