Forum Discussion
hmian_178112
Jun 14, 2018Nimbostratus
TCP Connection Reset between VIP and Client
Topology:
Pulse Authentication Servers <--> F5 <--> FORTIGATE <--> JUNOS RTR <--> Internet <--> Client/users.
Background:
Clients on the internet attempting to reach a VPN app VIP (load-balance...
- Jun 14, 2018
What are the Pulse/VPN servers using as their default gateway? They should be using the F5 if SNAT is not in use to avoid asymmetric routing.
I would do the following then test:
- Change the VIP to use SNAT. Test.
- If it works, reverse the VIP configuration in step 1 (e.g. no SNAT)
- Disable all pool members in POOL_EXAMPLE except for 30.1.1.138
- Change the gateway for 30.1.1.138 to 30.1.1.132. Test.
hmian_178112
Jun 14, 2018Nimbostratus
THank you AceDawg, your first answer was on point and resolved the issue.
Comment made 4 hours ago by AceDawg 202What are the Pulse/VPN servers using as their default gateway? They should be using the F5 if SNAT is not in use to avoid asymmetric routing.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects