Setting up Self IPs, VLANs and interfaces properly
I am with a division of a much larger organization. The larger organization has a layer 3 firewall that all the divisions sit behind. We have some public-facing web servers that we are going to be standing up in a virtualized environment in our division and I've been tasked with standing up the BIG-IP F5 in front of our network to protect these sites.
I have experience with Cisco and Palo Alto firewalls, but am getting confused on the way the F5 is set up and works. I imagine some of that confusion is that we are using the Virtual Edition of the BIG-IP rather than a physical appliance like I'm accustomed to. So I was wondering if someone could help me understand how to work with the self IPs, interfaces and VLANs to get traffic flowing.
As I mentioned, the organization's layer 3 firewall is the border security appliance. It will take the public IP of our web server that a client is trying to reach and NAT that to an IP that is in the IP range of our external VLAN on the F5. Then the traffic will hit the F5 where a virtual server "listens" for traffic going to that IP range and sends that traffic to the web server which sits on an internal VLAN in a different IP range.
I'm just trying to understand in a simple, step by step fashion, how I would walk through that process of creating the proper self IPs, interfaces and VLANs. What do I set up first, then next and so on?
Let's say that the IP range of my external VLAN is 10.10.10.0/24 I have two internal VLANs. One has an IP range of 10.0.0.0/28 and the other is 10.0.1.0/28
Any help would be greatly appreciated and feel free to ask questions if I've left anything out.