Remote access VPNS

Hi kunaIP~

 

Are you asking about using a reverse proxy to internal web applications (which it can) or connecting via a layer 3 VPN/encrypted tunnel (which it can) or a specific encrypted app tunnel connection to a particular application (which it can)?

 

ps

 

I want VPN connections to terminate in DMZ, because it is inbound traffic from internet,

 

Once users gets authenticated , they will get IP adresses from leased pool lets' say 10.10.10.x/24 range

 

I want that 10.10.10.x traffic to go to the Corp switch not to the same interface where VPN tunnels are being established.

 

Like in the image look how aruba and Meraki are configured.

 

Is this possible in F5? two armed solution where VPNS and Autheticated users don't use same interface.

 

if i understand you correctly then that is possible. the VPN end point is the virtual server with the APM network connect profile. the VPN users get their IPs from a local pool on the BIG-IP for which you can determine to which external interface the traffic is routed.

 

there are some hints here to doing this for multiple pools: https://devcentral.f5.com/questions/apm-portal-access-using-route-domains https://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm_config_10_1_0/apm_config_advanced_policies.html