Forum Discussion
djfcc_23029
Nimbostratus
NimbostratusNetwork address Translation
Hi,
I require a little help figuring out how to handle the network address translation on the network we are installing our GTM.
Our GTM is in our DMZ, and only handles DNS queries from the internet. All of our hosts that are accessible from the internet using an external routable IP address, and the NAT is handled by our firewall.
If we configure a Virtual server on the GTM which IP address should we use? The internal IP address or the external routable IP address?
If we use the external IP address for the Virtual server the DNS response from the GTM to client is correct but the GTM can't monitor the Virtual server because our firewall can't allow traffic to enter and exit the same interface.
If we use the internal IP address for the Virtual server the DNS response is incorrect, because it returns the internal non-routable IP address but the monitoring works on the GTM.
I'm sure we are not the first company with this setup but I can't figure out how we configure the GTM to provide the correct external routable IP address from DNS queries and allow the virtual server to be monitored.
Thanks,
Dc.
Bob_Vance_75936Altostratus
Hellodjfcc,2 options here depending upon what is accessible from the GTM, public NAT or private IP.1. Use the public ip when setting up the virtual server so it will return the public ip to the resolver, but also run the health check thru the NAT.or2. Use the public ip when setting up the virtual server so it will return the public ip to the resolver, but configure a custom monitor for the virtual server and use the 'destination' option to set the internal ip address of the server to run the health check against.
djfcc_23029Hey Bob,Thanks for getting back to me.
Just been having a quick look for the destination option but couldn't find it, did I need to use a specific monitor?
Thanks,
Dc.
- Chris_MillerI believe Bob's referring to the "Alias Address" option.
