Routing Between DMZ & LAN using F5

Hi,

Your F5 can act as a "router" between your DMZ and LAN networks.

Hello,

Thank you for your reponse.

Can you please provide me a tutorial to do that.

Thank you in advance.

From tmsh run this -

create virtual ip_forward { destination 0.0.0.0:any ip-forward ip-protocol tcp mask any profiles { fastL4 { } } translate-address disabled translate-port disabled vlans-disabled }

Hello Domai,

Can you excuse my ignorance about the product cause I can't understand very well.

My purpose is to have a network architecture as shown below :

Can I use the port of virtual appliance as gateway for my servers to communicate between those on DMZ and the others LAN.

Thank you.

bigip is default deny device. to allow traffic across vlans, object listener has to be created such as virtual server, snat or nat. in short, create wildcard ip forwarding virtual server to allow traffic between appand web tiers.

sol7595: Overview of IP forwarding virtual servers

Thank you for your indications,

I have created Vlans and associated them to proper Nic cards.

My servers can ping those IPs as gateway.

I configured the VS on the F5 part to allow communication between vlan as shown below :

This is still not working, my server on DMZ cannot ping server on LAN and the opposite is true too.

Can you help me please.

Thank you again.

Can you allow it to all and test....make your destination to any for now instead of specifying 192.168.2.0/24 Use 0.0.0.0 and mask as any and test first? See if this works?

Hello,

I updated the settings as required, but still not working.

Thank you.

Can you give me your f5 device self ips. Please mask the original values if you are using public ips.

There is the self Ips,

I'm just on lab environnement.