Forum Discussion
How to make outbound traffic to flow through an F5
You create an Outbound Performance Layer 4 virtual server on the VLAN with a destination of 0.0.0.0 (all addresses). You will need to SNAT automap this traffic so the source IP address is changed to the bigIP external IP address. If you need to forward UDP traffic you will need to set the protocol to Any
You may also want to configure a custom Performance Layer 4 profile for this virtual with Loose Initiation and Loose Close.
You set the default gateway of devices in the vlan to the floating Self-IP address of the vlan.
When those devices try to make an outgoing connection, they send the packets to the mac address of the floating self-IP (which is the mac address of the Active BigIP). The destination address (on the internet) matches the wildcard destination of the outgoing VIP, and the BigIP routes the packet out according to the routing table. Returning traffic comes to the SNAT address (BigIP external floating self-IP), matches the existing connection table entry, and is passed to the source device.
Hi Simon,
After I configured as youd indicated (with SNAT = automap), I can ping google from the device (that uses F5 floatIP as default gateway). However, from my laptop (in VPN), I can't ping the device or RDP back into it.
When I change SNAT from 'automap' to 'none' in the Outbound vs, my laptop (in VPN) can now ping the device/RDP into it just fine but the device can't ping google.
What can I do to achieve both goal? (the device can do outbound traffic and I can ping/RDP into the device)
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com