Forum Discussion

thomass87_91937's avatar
thomass87_91937
Icon for Nimbostratus rankNimbostratus
Oct 30, 2014

inline configuration

Hi,   I have configuration: NET => FW => F5 => SRV   I have VS1 which forwards traffic to SRV (no SNAT used, not possible to do XFF so source address of client is seen). F5 is def gw for SRV. O...
inline
routing
snat
Hannes_Rapp_162's avatar
Hannes_Rapp_162
Icon for Nacreous rankNacreous
Oct 30, 2014

Please paste full configuration of your 0.0.0.0/0 VS. There are many ways the routing can be done.

 

  • thomass87_91937's avatar
    thomass87_91937
    Icon for Nimbostratus rankNimbostratus
    Oct 30, 2014
    ltm virtual forward-all { destination 0.0.0.0%8:any ip-forward mask any profiles { fastL4-test { } } source 0.0.0.0%8/0 translate-address disabled translate-port disabled vlans { server-vlan } vlans-enabled vs-index 307 } ltm profile fastl4 fastL4-test { app-service none defaults-from fastL4 loose-close enabled loose-initialization enabled reset-on-timeout disabled }
  • thomass87_91937's avatar
    thomass87_91937
    Icon for Nimbostratus rankNimbostratus
    Nov 02, 2014
    I have question regarding my VS 0/0 configuration. It is enabled only on server-vlan. If I understand correctly when the server itself is originating connection outside it will hit VS 0/0. How does this configuration applies when connection is originating from another subnet (for example behind FW) to server IP address (not VS1). Connection will be dropped/rejected? Should VS 0/0 listen on all vlans to allow such connections?