Forum Discussion

uskwarrior's avatar
uskwarrior
Icon for Altostratus rankAltostratus
Aug 10, 2023
Solved

Issue accessing web servers through F5 setup on vmware lab environment

Hello Folks,

I am working on setting up F5 LTM (version 17.1.0.1) in my lab environment on vmware workstation where my goal is to do a PoC on publishing the internal web servers through F5 to the external network.

However, after several attempts, I am able for the setup to get working.

Can you please advice on what am I missing ? I have provided information on my setup below.

I have two IIS web servers running (10.10.10.150 and 10.10.10.151) on windows server 2019 on the network 10.10.10.0/24. The web servers are accessible on port 80 and 443 from the internal network (10.10.10.0/24).

 


On the F5, I performed the following steps:

  1. Ensured that the web servers are reachable from F5 (through ping and port 80/443)

2. Created two VLANs - Internal (pointing to internal network) and External (pointing to external network) and mapped them to the two interfaces 1.1 (connected physically on vmware to homelab internal network) and 1.2 (connected physically on vmware to homelab external network)respectively.

3. Associated self-ips to the internal and external vlan,.

4. Created two separate pools for the two web servers on port 80 and 443 and added the nodes. The pool and nodes appear to be up on F5.

5. Created two separate virtual servers for port 80 and 443 with destination address as 192.168.1.251 and 192.168.1.250 (external interface IP) respectively. Though I didn't make any changes to the configuration settings on virtual server. The virtual servers appeared to be up.

6. Finally, I Setup a workstation connected to the external network 192.168.0.0/24 to test access through F5 VIP for the addresses 192.168.1.251 and 192.168.1.250 where I get the certificate warning but the page doesn't get renderred

 

7 Replies

    • uskwarrior's avatar
      uskwarrior
      Icon for Altostratus rankAltostratus

      I tried adding a SNAT rule with the destination NAT IP as the external interface of the F5 (192.168.1.250). But still the page is not being renderred ­čś×