Forum Discussion
Routing application traffic through management interface
Hello all,
I have a PoC setup in our lab with a management, internal and DMZ network and have a problem with routing. The F5 always sends the connection to the ADFS backend out from its DMZ interface, even though its management interface is in the same subnet as the ADFS.
MGMT: 10.x.250.0/24
DMZ: 10.x.251.128/25
Internal: 10.x.251.0/25 (not used here)
I read this information, which seems to suggest that application traffic must always be separate from management traffic; TMM handles the application traffic and the underlying Linux handles the management traffic:
https://clouddocs.f5.com/cli/tmsh-reference/latest/modules/sys/sys-management-route.html
The management interface is available on all switch platforms and is
designed for management purposes. You can access the browser-based
Configuration utility and command line configuration utility through
the management port. You cannot use the management interface in traffic
management VLANs.
So I understand from that that the MGMT is completely separate and I cannot make a routing hack to use the management interface for the ADFS application traffic.
I can't change the location of the AD FS server. I could just open the firewall for the F5 connection from the DMZ to the management network but this is quite annoying as the F5 management and AD FS are directly connected on the same subnet.
Is there any way to instruct the F5 to use its management interface 10.x.250.150 to contact the AD FS?
Thanks,
Peter