Forum Discussion
George_33482
Nimbostratus
NimbostratusServer-initiated Connection what to do?
Hello,
i have a deployment of an ASM in few days and i need to clarify some points(if possible).
The ASM should be installed in a DMZ of a firewall and the server default gateway is the ASM.
the connection will be Client->Outside of Firewall->DMZ of firewall (ASM)-> web server.
off course all the necessary configuration will be done such as creating a virtual server and
bind it to a class.....etc.
The question is what to do on ASM if the server will initiate the connection??? The connection will be to a database server or any server which resides inside the LAN (Firewall inside).
Do i have to create a VS and assign it to the vlan facing the server, then bind a snat to it?
Is there any other ways?
Regards,
George
3 Replies
hoolioCirrostratus
Hi George,
A VS would be ideal. If you want to set idle timeouts and/or optimized profiles per protocol, you could create port specific virtual servers.
Aaron
George_33482Hi Aaron,
Thank you for your support.
Why I would set or change timeouts or use profiles?
Regards,- hoolioFor example, you could create a 0.0.0.0:80 VS with a TCP idle timeout set low (maybe 100 seconds) and a 0.0.0.0:3389 VS with a longer idle timeout for RDP (maybe 8 hours?).
sol7166: Changing the idle timeout for a protocol profile
http://support.f5.com/kb/en-us/solutions/public/7000/100/sol7166.html
Aaron
