Hello Everyone, I'm looking into the correct way to set up a LTM VE in our QA environment so we can match our production environment more closely. The following is the main details or possible issues of the QA environment. LTM is being setup in VCenter.LTM is not the default gateway.The QA environment only has one subnet. Has anyone setup a LTM in this scenario? I know f5 gives you an error if the management VLAN is on the same subnet as the internal VLAN. If need be, we do have another network, we could use for the management and external VLANs if need be. I'm trying to keep this as simple as possible. Thanks for you help, David Williams LTM Newbie

Hi, management interface is for management only, no user traffic! But you can configure another interface for user traffic and also for management.

technically the management interface doesn't need to be connected to anything (i'd still give it an address since BIGIPs use them as device identifiers in some code levels). you can use the internal interface/self-IP address to manage the device by configuring "port lockdown" of the self-IP to "allow default". DO NOT do this if the self-IP is publicly accessible.

Thanks shaggy. Do you have to have an internal and external VLAN?

Forum Discussion

David_130214

Nimbostratus

Dec 18, 2014

Is there a guide to set up a LTM VE in an internal environment only?

Hello Everyone,

I'm looking into the correct way to set up a LTM VE in our QA environment so we can match our production environment more closely. The following is the main details or possible issues of the QA environment.

LTM is being setup in VCenter.
LTM is not the default gateway.
The QA environment only has one subnet.

Has anyone setup a LTM in this scenario? I know f5 gives you an error if the management VLAN is on the same subnet as the internal VLAN. If need be, we do have another network, we could use for the management and external VLANs if need be. I'm trying to keep this as simple as possible.

Thanks for you help,

David Williams

LTM Newbie

application delivery

configuration

LTM

tiziano_rosato
Cirrus
Dec 18, 2014
Hi,

management interface is for management only, no user traffic!

But you can configure another interface for user traffic and also for management.
shaggy_121467
Cumulonimbus
Dec 18, 2014
technically the management interface doesn't need to be connected to anything (i'd still give it an address since BIGIPs use them as device identifiers in some code levels). you can use the internal interface/self-IP address to manage the device by configuring "port lockdown" of the self-IP to "allow default". DO NOT do this if the self-IP is publicly accessible.
- David_130214
  Nimbostratus
  Dec 18, 2014
  Thanks shaggy. Do you have to have an internal and external VLAN?
- shaggy_121467
  Cumulonimbus
  Dec 18, 2014
  you only need one prod VLAN if you're doing a one-arm configuration using SNAT
- David_130214
  Nimbostratus
  Dec 18, 2014
  The setup forces you setup both. Do you set the external to equal the internal or do you have to setup another way? Thanks for you help!
shaggy
Nimbostratus
Dec 18, 2014
technically the management interface doesn't need to be connected to anything (i'd still give it an address since BIGIPs use them as device identifiers in some code levels). you can use the internal interface/self-IP address to manage the device by configuring "port lockdown" of the self-IP to "allow default". DO NOT do this if the self-IP is publicly accessible.
- David_130214
  Nimbostratus
  Dec 18, 2014
  Thanks shaggy. Do you have to have an internal and external VLAN?
- shaggy
  Nimbostratus
  Dec 18, 2014
  you only need one prod VLAN if you're doing a one-arm configuration using SNAT
- David_130214
  Nimbostratus
  Dec 18, 2014
  The setup forces you setup both. Do you set the external to equal the internal or do you have to setup another way? Thanks for you help!