Trying to create an internal IP virtual server pointed to a load balanced pool for an API call

1. Confirmed the servers are pingable/reachable from the F5. They are passing their health check and the pool is up and ready for traffic.
2. Auto Map SNAT enabled, that is our default virtual server config build.

Share the output of the following;

tcpdump -nni 0.0:nnnp host and port

tmsh list ltm virtual

1. If the server vlan is not setup on the device(F5), do "tmsh show net route lookup ", get the F5 egress ip address from the output of the cmd and create and add the egress ip add to a snat-pool, apply the snat pool to the virtual server and try again.

    

2. Set your vs to listen on port 80 and enable port-translation. and also try accessing.

    

3. How do you access the backend server service (URL)?

    

4. What version of TMOS are you running?

    

1. Server vlan is set up on the F5. These two pool members are being used in other pools and completely accessible for other traffic.
2. I set the virtual server to port 80 and enabled port-translation, no change, still not accessible.
3. Visiting the server address directly gives me a 403, so server error, something is there and listening, just not when I try through the F5 virtual server address.

1. What exactly do you get as response when you try to access the VS?
2. Correct this if not accurate as I do not have specifics of your ip addressing, CleintSide-> 10.234.xxx.xxx.50856 > 192.168.xxx.xxx.9000 ServerSide-> 192.168.xxx.xxx.50927 > 10.228.128.76.9000 ?

1.Browser error "This page can't be displayed" 2.That path appears to be correct. 10.228.128.76 is one of the two servers in the pool, other being 10.228.128.77.

1. If my previous comment was accurate, why is the F5 using 192.168.xxx.xxx:50927 connecting to the backend server 10.228.128.76:9000 if it has a the server vlan configured?

2.This could be a PMTU issue, as you are getting too many DF bit set in the tcpdump. Open a support case for this.

Regards