Forwarding Request to Azure Firewall From F5 LTM

Question

Hi All,I have a requirement to setup a virtual server which can send the request to Azure Firewall when request comes to a particular subnet for example:Source Subnet: 10.10.10.0/24 &gt;&gt; This is internal subnet so when users from this subnet comes to F5 I want them to get redirected to the Azure Firewall fofurther processing and going to the internet. As I have disabled the internet for the users in this subnet and qualys scanner is not working on their VM's so they want to look for other alternatives and client asked my to see the possibility of this setup. Please share your thoughts on this and&nbsp; let me know if there is any other way to achieve this.ThanksAshish Solanki

aubreykingf5 · Accepted Answer

You can absolutely do this by establishing a forwarding VS on your BIG-IP and setting the BIG-IP default gateway to the Azure FW. If you do not want the Azure FW to be the BIG-IP's default gateway, then add a route for the clients to reach the internet. Matching a forwarding VS tells the packet to consult the TMOS routing engine. If your BIG-IP default gateway is the Azure FW, your egress packets will always flow there.
Make sense?

Forum Discussion

Forwarding Request to Azure Firewall From F5 LTM

Recent Discussions

SSL bridging without SSL proxy forward

Client SSL Profile set to Require Client Certificate breaks RDP in APM

TS Declarations for DNS

APM file and registry key date check 8 days old

Should config via cli rather than gui?

Related Content

Integrating SSL Orchestrator with CheckPoint Firewall VM-Transparent Proxy

SSL Orchestrator Advanced Use Cases: Integrating F5 Advanced Firewall Manager (AFM)

Firewall behind APM will be migrated

Application Layer DNS Firewall

ANSIBLE Configuration of a firewall rule list to be added on desired position in the firewall policy

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS