For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

gecko-crouton-hunter's avatar
gecko-crouton-hunter
Icon for Nimbostratus rankNimbostratus
Dec 06, 2018

How would I securely route traffic in gateway mode so that each routed network cannot route directly to another?

Hardware: F5 LTM 2000S I'm trying to create some default forwarders, while using partitions and not using any route domains, to forward any traffic not explicitly defined in the virtual server confi...
application delivery
LTM
security
Chris_Grant's avatar
Chris_Grant
Icon for Employee rankEmployee
Dec 06, 2018

You could setup individual VLANs for each and put a network wild card forwarder on each VLAN for the traffic on that network. So for instance:

 

VLAN: RED Virtual Server: 10.1.11.0/24:0 VLAN: PURPLE Virtual Server: 10.1.12.0/24:0 VLAN: GREEN Virtual Server: 10.2.11.0/24:0

 

That should accomplish what you want. As the Virtual servers are only listening for traffic on those specific networks, they won't forward traffic bound for another. Make sure you only enable them on the relevant VLAN, however.