Aug 12, 2011

Newbie question - managing specific nodes




I am having trouble understanding how to manage my servers that are behind an F5.


I have a trial setup of 2 virtual appliances and 2 test servers. At the moment these devices can ping each other and the floating/self ips of the F5 HA pair, but traffic for other networks is not routed by active unit, it appears to be dropped.



So I set up a SNAT rule and was able to ping out from the test servers, but of course the address was translated. That is fine I guess for outbound connections, but what about inbound when I want to reach a specific server, say on SSH or ICMP? Well it appears I could set up a 1-to-1 SNAT for each server, but why bother? What I want is simply to be able to talk to each server on it's real IP address if I choose - in parallel with any virtual servers I run on the external network.



How do I achieve this?



I am sure it's a fairly basic question but the manuals have not yet answered this.









