F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

arpydays's avatar
arpydays
Icon for Nimbostratus rankNimbostratus
Jul 23, 2015

couple of suggestions;

 

  1. couldn't you put vlan 905 on the switch and let the internal servers route direct to other internal services, like DB etc. Then for traffic leaving the network, NAT on the external firewall. Vlan905 will then be able to talk to vlan6 servers or F5 VSs via the switch g/w.

     

  2. stick to one vlan if you can, i.e. vlan4 for the client side traffic and just use other address space for the VSs and a route on the switch for them via vlan4 self-ip.

     

  3. if the above doesn't work for you then I guess you do selective snat based on egress vlan but you solution is going to get more complex. For this you would use a irule and something like [LINK::lasthop name] to grab the egress vlan then use that to determine what SNAT to use based on class lookup or similar..

     

cheers