Forum Discussion
Montysinha
Nimbostratus
NimbostratusForward proxy with an internal and external proxy irule config
Hi All,
I had a question, we are currently using ZScaler via a GRE Tunnel from the F5 which works great and has replaced our EOL Blue-coat appliances, however we have an issue when we point to the proxy we can not resolve internal resources. Where as our Blue-coats we were able to point to it and it could do internal and external.
To work around this I have created an Internal Proxy using the F5 Irule (devcentral.f5.com/s/articles/http-forward-proxy-v32) However I am struggling to put in some smarts to say if you want to go to an internal IP Address (10.0.0.0/8) go to the Internal Proxy VIP else go to the ZScaler VIP.
Any one has a method to create an iRUle which is able to define which VIP/Pool to use based on the desination IP address you wish to go to.
Any guidenace would be appreciated.
Thanks
Monty
jba3126Cirrus
Montysinha I know this is old, but for anyone in the future you would set up an IP datagroup with the IPs and either do an iRule or Traffic policy to select the pool based on IP destination matches in the datagroup.
I have a use case to move the GRE tunnels from our routers to the F5s. Could you share more details on your setup with the GRE tunnels from your F5? There is not a lot of info save for the following on DevCentral - https://community.f5.com/t5/technical-articles/configuring-a-generic-routing-encapsulation-gre-tunnel-using-big/ta-p/289030