not able to access internal network(VIP) from external network in BIG IP

[root@BIG-IP-Lab-1:Active:Standalone] config route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 external 9.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 mgmt 10.10.1.0 0.0.0.0 255.255.255.0 U 0 0 0 internal 127.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 tmm 127.7.0.0 127.1.1.253 255.255.0.0 UG 0 0 0 tmm 127.20.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tmm_bp 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 external [root@BIG-IP-Lab-1:Active:Standalone] config

please share the command for VLAN checking

[root@BIG-IP-Lab-1:Active:Standalone] config route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 external 9.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 mgmt 10.10.1.0 0.0.0.0 255.255.255.0 U 0 0 0 internal 127.1.1.0 0.0.0.0 255.255.255.0 U 0 0 0 tmm 127.7.0.0 127.1.1.253 255.255.0.0 UG 0 0 0 tmm 127.20.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tmm_bp 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 external [root@BIG-IP-Lab-1:Active:Standalone] config

please share the command for VLAN checking

Hi Raghvendra

Please find below logs and now external system IP also not reachable

[root@Imran:Active:Standalone] config tmsh list /net vlan all-properties net vlan external { app-service none auto-lasthop default cmp-hash default customer-tag none dag-round-robin disabled dag-tunnel outer description none failsafe disabled failsafe-action failover-restart-tm failsafe-timeout 90 fwd-mode l3 hardware-syncookie disabled if-index 160 interfaces { 1.1 { app-service none tag-mode none tagged } } learning enable-forward mtu 1500 partition Common sflow { poll-interval 0 poll-interval-global yes sampling-rate 0 sampling-rate-global yes } source-checking disabled syn-flood-rate-limit 1000 syncache-threshold 6000 tag 4093 } net vlan internal { app-service none auto-lasthop default cmp-hash default customer-tag none dag-round-robin disabled dag-tunnel outer description none failsafe disabled failsafe-action failover-restart-tm failsafe-timeout 90 fwd-mode l3 hardware-syncookie disabled if-index 144 interfaces { 1.2 { app-service none tag-mode none untagged } } learning enable-forward mtu 1500 partition Common sflow { poll-interval 0 poll-interval-global yes sampling-rate 0 sampling-rate-global yes } source-checking disabled syn-flood-rate-limit 1000 syncache-threshold 6000 tag 4094 } [root@Imran:Active:Standalone] config

[root@Imran:Active:Standalone] config tmsh show net interface

Net::Interface Name Status Bits Bits Pkts Pkts Drops Errs Media

1.1 up 1.7M 131.6K 2.3K 376 0 0 10000T-FD 1.2 up 36.6M 8.6M 16.1K 15.8K 0 0 10000T-FD 1.3 uninit 0 0 0 0 0 0 none mgmt up 39.6M 79.9M 24.0K 24.9K 0 0 100TX-FD

[root@Imran:Active:Standalone] config

[root@Imran:Active:Standalone] config tmsh show sys ip-address

Sys::IP Address

default net route external_default_gateway 9.1.1.145 cm device Imran.com 10.10.1.11 ltm node Web-11-Green 10.10.1.11 ltm pool Our-HTTP-Pool 10.10.1.12 ltm node Web-12-White 10.10.1.12 ltm pool Our-HTTP-Pool 10.10.1.13 ltm node Web-33-Red 10.10.1.13 ltm pool Our-HTTP-Pool 10.10.1.145 cm device Imran.com 192.168.1.200 ltm virtual-address 192.168.1.200

[root@Imran:Active:Standalone] config

-- What you see for the status of Virtual Server ? Is it showing as Green ? -- What is the Status of Pool ? -- From where you are testing to access the Virtual Server ? Is it from the same machine you configured the VMWare Workstation and F5 in it ? If yes your machine has an interface created with IP from same subnet if VIP.

What you see for the status of Virtual Server ? Yes it is green

-- What is the Status of Pool ? Active and Green

-- From where you are testing to access the Virtual Server ? Is it from the same machine you configured the VMWare Workstation and F5 in it ? If yes your machine has an interface created with IP from same subnet if VIP. : Yes I am accessing from my Physical machine where i install Wmware workstation, My system is in same subnet of VIP: Virtual IP is 192.168.1.200 and my physical system IP is 192.168.1.10.

Hi Raghvendra

Please find below logs and now external system IP also not reachable

[root@Imran:Active:Standalone] config tmsh list /net vlan all-properties net vlan external { app-service none auto-lasthop default cmp-hash default customer-tag none dag-round-robin disabled dag-tunnel outer description none failsafe disabled failsafe-action failover-restart-tm failsafe-timeout 90 fwd-mode l3 hardware-syncookie disabled if-index 160 interfaces { 1.1 { app-service none tag-mode none tagged } } learning enable-forward mtu 1500 partition Common sflow { poll-interval 0 poll-interval-global yes sampling-rate 0 sampling-rate-global yes } source-checking disabled syn-flood-rate-limit 1000 syncache-threshold 6000 tag 4093 } net vlan internal { app-service none auto-lasthop default cmp-hash default customer-tag none dag-round-robin disabled dag-tunnel outer description none failsafe disabled failsafe-action failover-restart-tm failsafe-timeout 90 fwd-mode l3 hardware-syncookie disabled if-index 144 interfaces { 1.2 { app-service none tag-mode none untagged } } learning enable-forward mtu 1500 partition Common sflow { poll-interval 0 poll-interval-global yes sampling-rate 0 sampling-rate-global yes } source-checking disabled syn-flood-rate-limit 1000 syncache-threshold 6000 tag 4094 } [root@Imran:Active:Standalone] config

[root@Imran:Active:Standalone] config tmsh show net interface

Net::Interface Name Status Bits Bits Pkts Pkts Drops Errs Media

1.1 up 1.7M 131.6K 2.3K 376 0 0 10000T-FD 1.2 up 36.6M 8.6M 16.1K 15.8K 0 0 10000T-FD 1.3 uninit 0 0 0 0 0 0 none mgmt up 39.6M 79.9M 24.0K 24.9K 0 0 100TX-FD

[root@Imran:Active:Standalone] config

[root@Imran:Active:Standalone] config tmsh show sys ip-address

Sys::IP Address

default net route external_default_gateway 9.1.1.145 cm device Imran.com 10.10.1.11 ltm node Web-11-Green 10.10.1.11 ltm pool Our-HTTP-Pool 10.10.1.12 ltm node Web-12-White 10.10.1.12 ltm pool Our-HTTP-Pool 10.10.1.13 ltm node Web-33-Red 10.10.1.13 ltm pool Our-HTTP-Pool 10.10.1.145 cm device Imran.com 192.168.1.200 ltm virtual-address 192.168.1.200

[root@Imran:Active:Standalone] config

-- What you see for the status of Virtual Server ? Is it showing as Green ? -- What is the Status of Pool ? -- From where you are testing to access the Virtual Server ? Is it from the same machine you configured the VMWare Workstation and F5 in it ? If yes your machine has an interface created with IP from same subnet if VIP.

What you see for the status of Virtual Server ? Yes it is green

-- What is the Status of Pool ? Active and Green

-- From where you are testing to access the Virtual Server ? Is it from the same machine you configured the VMWare Workstation and F5 in it ? If yes your machine has an interface created with IP from same subnet if VIP. : Yes I am accessing from my Physical machine where i install Wmware workstation, My system is in same subnet of VIP: Virtual IP is 192.168.1.200 and my physical system IP is 192.168.1.10.