Forum Discussion
The_Nirvana
Altocumulus
AltocumulusHow can developers manage nodes having F5 as gateway?
Hello Team,
I have a Big IP F5 with AWAF module (version 17.1.1.1) whose floating IP address is configured as the gateway IP for all the nodes. I have created a standard virtual server to host HTTPs services with SSL bridging and AWAF policies. However, our web developers need to administer the content of the web servers via SSH and RDP.
Can you advise what is the best way to provide management access to the several nodes?
When attempting to SSH or RDP, the nodes are forwarding the response to the BIG IP which in turn is not forwarding the response to the edge firewall. Can you advise if a forwarding L2 or L3 virtual server can be useful in this scenario and how it can be used?
Hello all,
This issue was solved by creating a Forwarding (IP) virtual server which allows all clients to reach all hosts on all ports on the BIG IP.
- zamroni777
Nacreous
you can simply create standard TCP virtual server which the pool member are server's SSH port or RDP port.
if you have f5 apm license, you can use f5 as vpn server.
you can check the license using below guide:
https://my.f5.com/manage/s/article/K15032#p1
The_NirvanaWe attempted this and found that eventually, a large number of VIPS needs to be created. It is not very practical when the number of nodes are large. In addition, our developers get confused when dealing with different IP addresses for different purposes, as this is not really their field of work.
Any other ideas?
boneyardMVP
dual homed servers an option? so with a second nic in a management network.
- The_Nirvana
Hello all,
This issue was solved by creating a Forwarding (IP) virtual server which allows all clients to reach all hosts on all ports on the BIG IP.
