Forum Discussion
AltostratusLTM to proxy from LAN to WAN
Hello,
I'm looking for a solution article, or some guidance on taking an internal application and proxying all of it's traffic to an external SaaS. We have security requirements that don't allow direct access from the application server to the cloud.
Is there a simple methodology of setting this up in an iAPP, or better yet just a vs?
My apologies for my ignorance, I've had great success so for with WAN to LAN, but have yet to attempt the reverse.
Example:
1)Host "server1" proxies to LTM on port 3349 2)LTM translates traffic to specific cloud application
Thanks for your help!
2 Replies
Arnaud_LemaireEmployee
Hello, one complexity is that the DNS resolution for your sas fqdn may change.
So may need to use an irule to do a resolve lookup and assign a node dynamically .
Alternative could be to use http explicit proxy feature in 11.5 if your application allows it.
Jason_40733Cirrocumulus
You can always just setup an outbound NAT rule on the load balancers for the "server1" and the other servers. Add a route on "server1" for the Cloud Application destination that points to the floating self-IP on the LTM pair.
Alternately, you could make the LTM floating IP the default route for the servers that need to reach the Cloud Application. The NAT rule on the load balancers would be the same.
I would avoid trying to create a Virtual server on the LTM for the Cloud Application. Simply because you are load balancing across a WAN (performance concerns with scalability) and you have no control over the remote services.
But this NAT setup can be done with most firewalls and do not necessarily require an F5. Unless the F5 is already being used in this capacity, you might be better off getting NAT done by the firewall team.
Jason
