Forum Discussion
One directional comunication via virtual server
Hello All,
I´m new here and I´m beginner with F5.
I´m trying to publish one http server for test.
What I did. I have created server which is accessible via http in internal network, without F5. I have created virtual server list, where I put destination IP (publicIP) with port 80 and created pool with one InternalIP. I have tried to set up automap in virtual server list, but it doesn´t help me.
I have checked tcpdump on F5 site where I can see that there is some comunication from Internet to the virtual server, but there is not answer from virtual server to F5. (On virtual server I can see, it is sending responses.)
If you need more details, please let me know, I will share it with you.
Thank you for help
Does the website work when you bypass the F5 and go to the server directly?
Could you go onto the CLI and run the following commands to list out the virtual server configuration
tmsh list ltm virtual
tmsh list ltm pool
- F5beginner_3849Nimbostratus
Hi Michael,
Traffic to the server goes directly in internal network and in external it goes from outside via F5 to server. So only from external network will traffic go via F5.
`ltm virtual ExternalIPs { clone-pools { PoolInternalIPs { context clientside } } creation-time destination 1.1.1.1:http ip-protocol tcp last-modified-time mask 255.255.255.255 pool PoolInternalIPs profiles { tcp { } } source 0.0.0.0/0 source-address-translation { type automap } source-port change translate-address enabled translate-port enabled vs-index 9
} [root@f5lb02:Active:In Sync] config tmsh list ltm pool PoolInternalIPs ltm pool PoolInternalIPs { members { 10.1.1.1:http { address 10.1.1.1 session monitor-enabled state up } } monitor tcp_half_open }`
- PeteWhiteEmployee
Can't see any issue with the F5 config, maybe post the output of the command
while you make a request to the virtual server. Often these sorts of issues are firewalls in the network or server. Worth also checking whether you are receiving any packets at the server.tcpdump -i 0.0:p -s0 tcp port 80 and host 1.1.1.1
- F5beginner_3849Nimbostratus
Hello,
tcpdump and tshark was very helpfull. I find out, that port was not opened from outside (stupid mistake)
Thank you
- PeteWhiteEmployee
Adding as an answer to stop this showing up as 'unanswered'.
Can't see any issue with the F5 config, maybe post the output of the command
while you make a request to the virtual server. Often these sorts of issues are firewalls in the network or server. Worth also checking whether you are receiving any packets at the server.tcpdump -i 0.0:p -s0 tcp port 80 and host 1.1.1.1
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com