Internal to External Flows

Question

Hi, 
&nbsp;  
&nbsp; Can anyone confirm how LTM handles flows from internally defined nodes which use the LTM as its gateway. 
&nbsp;  
&nbsp; For example a web server that needs to communicate to an NTP or DNS server logically on the external side of the LTM. Does any configuration need to be done in order to achieve this. 
&nbsp;  
&nbsp; Regards 
&nbsp;  
&nbsp; Miron

dennypayne · Answer

Yes, LTM is a default deny device.  You either need to SNAT or NAT internal connections to an external IP address, or use a wildcard forwarding virtual server (0.0.0.0:0) to allow the traffic in and out.  If any NetBIOS is involved the NAT/SNAT method probably won't work, so I tend to prefer the forwarding virtual method.  When using that, the LTM's gateway will likely need a static route to the network behind LTM pointing to the LTM's external address (floating address for redundant pairs).  
&nbsp;    
&nbsp;  Denny

miron_du_plessi · Answer

Thanks Mate, 
&nbsp;  
&nbsp; Was very useful. 
&nbsp;  
&nbsp; Miron 
&nbsp;  &nbsp;

Forum Discussion

Internal to External Flows

2 Replies

SSO Login Update Coming to DevCentral

Kevin - June 2026 Featured F5er

Tyler - May 2026 Featured Member

Recent Discussions

UCS file migration on differing OS versions

qkview: revealing pool members & pools

ASM attack signatures not syncing between active and standby F5

Query on source IP preservation for syslog traffic through F5 virtual server

Hardware BIG-IP appliance reach EOSS, but the software version running on it not yet?

Related Content

Simplifying and Securing Network Segmentation with F5 Distributed Cloud and Nutanix Flow

Delivering Secure Application Services Anywhere with Nutanix Flow and F5 Distributed Cloud

Redirecting to an external site when the internal site is down

External and Internal DNS on same appliance

F5 Distributed Cloud Network Firewall Rule Evaluation and Packet Flow