Forum Discussion
scott_h_ryan_82
Nimbostratus
NimbostratusOk, simplifying my question even more as ..
I'm still in need of a solution that will work ;-)
The F5 has a connection to the core carrying vlan 50.
I want a server in Vlan 60 (DMZ) to talk to the server in VLAN 50
I want the communication between Vlan 60 and Vlan 50 to go through a firewall. (not using the link carrying vlan 50 from the F5 to the core)
I setup a Wildcare VS, 0.0.0.0/0.0.0.0 any port, any protocol, performancel4, vlan60, to force that traffic to the firewall instead of across the directly connected link.
Which route to the 50 network will the F5 choose? the directly connected route over the trunkn link to the core, or through the firewall via the wildcard VS?
I think that's as simple as I can ask this without someone having to have indepth knowledge of the topology and routing I'm working on.
- dennypayne
Employee
Hi Scott,
Not sure if you saw my other reference in your other post (Click here), but if you've done a Perf L4 wildcard 0.0.0.0 pointing to a pool with the firewall address it should direct the traffic to the firewall and not directly to VLAN 50. I'm not exactly sure what VLAN your firewall is on though? - I'm assuming something other than VLAN50... (or, more accurately, what VLAN will the F5 use to talk to the firewall? As long as it's not VLAN50, I think that should do what you want).
Denny 
scott_h_ryan_82Thanks for the reply. The firewall is actually on the same VLAN as the front end vip address... as the interface i'm trying to point traffic to is the DMZ interface on the firewall.... the subnet also has self-ip's on the F5...
It "appears" that for some reason or another, this traffic is taking the directly connected path instead of the wildcard VS and going to the firewall.. Not good.
