Forum Discussion

Altocumulus

Dec 04, 2017

Multiple wildcard listners on different interfaces

Hello, Is it allowed to have two (or more) ip-forward virtual servers listening on any source, any dst and any port - but bound to different VLANs? The reason I ask is because in a tcpdump I some...

application delivery

LTM

Leonardo_Souza

Cirrocumulus

Dec 04, 2017

Firstly, the first 2 packets belong to one TCP connection and the last 2 to another TCP connection. Because the ports are different.

Change your filter to:

tcpdump -nni 0.0 'host 10.3.120.5 and host 10.2.120.31 and tcp port 135'

You will get all traffic.

So, yes you can have multiple forward virtual servers. For virtual servers, the VLAN enabled should be where the traffic arrives. The return traffic is allowed back. The problem is that in your example, the other packet comes in a new TCP connection, so is handled by the other virtual server that is enabled in that VLAN.

Also, is normal to see 2 packets, because of the forward virtual server. TCP handshake is between endpoints, one packet is in and one is out.

I guess you just did not capture the return traffic, or web server is not routing correctly.

See this solution for more information:

https://support.f5.com/csp/article/K8082

Forum Discussion

Multiple wildcard listners on different interfaces

Recent Discussions

Rundeck ansible F5 errors

What is the meaning is 52% block in WAF

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Symmetric routing on NGINX Plus with multiple interfaces

Application Programming Interface (API) Authentication types simplified

BigIP VE - Multiple VLANs on single partition with single interface

Copper SFP Differences

Multiple Kubernetes Clusters and Path-Based Routing with F5 Distributed Cloud