Source routing with iRules

Hi Aaron

 

 

I have made the changes as suggested as I can see that this has tidied up the configuration so thanks for that.

 

 

I still have a problem in that I cannot hit the back-end networks though;

 

 

I am still getting the ICMP reverse path check on the wrong interface of the PIX;

 

 

 

2010-12-08 17:20:40 Local4.Debug 172.25.0.8 Dec 08 2010 17:20:40: %PIX-7-609001: Built local-host schools-portal:10.130.33.21

 

2010-12-08 17:20:40 Local4.Info 172.25.0.8 Dec 08 2010 17:20:40: %PIX-6-302020: Built outbound ICMP connection for faddr 10.130.33.21/0 gaddr edjones-pc/1 laddr edjones-pc/1

 

2010-12-08 17:20:40 Local4.Alert 172.25.0.8 Dec 08 2010 17:20:40: %PIX-1-106021: Deny ICMP reverse path check from edjones-pc to 10.130.55.12 on interface dmz-servers

 

 

so the traffic is still trying to route back down the default gateway of 10.130.4.1 and not the school-portal gateway of 10.130.32.1

 

 

The traffic must be getting to the F5 in order for it to send it back down the wrong gateway so I suspect that the source routing profile isn't working. Any ideas?

 

 

I also made sure that the virtual server incvluded all protocols as I am testing with ICMP.

 

 

Regards,

 

 

Ed