For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Rise_77519's avatar
Rise_77519
Icon for Nimbostratus rankNimbostratus
Apr 11, 2012

routed mode config issue

Hi,

 

I have two vlans (internal and external) and two web server in internal vlan ( exchange and blackberry servers). the exchange server default gataway was configured f5 internal ip address but blackberry server is firewall. blackberry server should make service request the exchange server from its external vip service ip address.but blacberry services is not working. but when I used snat mode then everything is ok.I think that the exchange server try to return response packet directly. Because in route mode, source and destination ip address would be in same subnet and exchange server will use directly connected interface metric instead of return packet to F5.

 

How can I fix the issue without using snat mode?

 

 

Many thanks.

 

config
design

1 Reply

  • Michael_Yates's avatar
    Michael_Yates
    Icon for Nimbostratus rankNimbostratus
    Apr 11, 2012
    Hi Rise,

     

     

    This is a common problem (Broken Routes) in situations like yours and your options are limited.

     

     

    1. Move one of the devices onto a non-LTM owned Subnet (which may or may not resolve your issue (Depends on the communication behavior).

     

    2. If you are on v11 you can attempt a Sideband Connection.

     

    3. Enable SNAT and try and compensate for the behavior with the X-Forwarded-For Header insertion of the true Client IP Address in the Packet Headers.

     

     

    Hope this helps.