Unable to add virtual server to F5

Hi!

So you want the F5 to act like a router for traffic coming from Virtual PC, right?

If the F5 can access the internet, what interface is it using for that access?

 Virtual PC should have the gateway set to the ip of interface 1.1 

I think you might have a routing issue. I am guessing you have firewall/router with access to internet.

That device needs to know where the subnet of the virtual PC is. So you need to tell it to go to the F5 device for the subnet that virtual PC is in.

subnet1(interfacex.x)<->F5<->subnet2(interface 1.1)

Hi srinidhi12 , 

You can achieve it easily by using IP forwarding virtual server across F5. 

For more details about IP forwarding virtual server , read this Article : 

KB : https://support.f5.com/csp/article/K7595 .

Forwarding ip virtual server makes F5 to act as a router. 

Hope it helps you. 

Regards

here is an article on routing tables: 
https://support.f5.com/csp/article/K13284

management interface is using one routing subtable and the other interfaces are using other routing subtable.

it would be better not to use management for accessing internet.  I think it is still possible to use it, check in the 
article.

Share you managment  interface settings .

I still believe that the issue is somewhere else. Your firewall/router that you use to access the internet  need to have a route to the subnet where the Virtual PC is in . And also to be able to NAT it .

I would use other interface than Mgmt for internet access.

Then you add a default route in tmsh and that's it. You have a dual-arm F5 device doing routing.

srinidhi12 , 
Have you configure an IP Forwarding Virtual server as I send in my first reply ? 

F5 Will not Pass your Traffic Without " Listner " I mean  a Virtual server matches with these packets , if this For Lab only , Create  a new IP forwarding Virtual server ( Destination address 0.0.0.0/0 ) , also add a specific route to send traffic to the next hop which directs you to internet. 
Also I need you to Test internet Connectivity from F5 itself. 
Also Issue this command on bash #ip route get 8.8.8.8 " just for Example " 
see first if F5 can reach internet or not then test your PC Machine. 

Regards 

I've tested in my lab and even with a ip forwarding vip it does not work.

That's because the default route is in management routing table and the interface 1.1 is using TMM routing table.

So I made it work.

Interf 1.1 is in vlan 100 and 1.3 is in vlan 200.

Net is the management network.

I've added something similar called Net2, but attached to interface 1.3 in my case.

Created the vlan (vlan200 in my case), self-IP. Then I created a forwarding IP VIP with 0.0.0.0/0 for source and destination, no SNAT, and selected the source VLAN from where I am expecting the traffic to originate from. VLAN100 in my case.

Also I've had to add a static route on my firewall(not in the picture) to subnet in vlan100 where the Desktop is and point it to F5 ip in vlan200.

and that's it

you also need a default route in vlan2.

yes , Network> Routes

But your internet comes from somewhere. even if it is not in your Eve-ng lab. you internet gateway/firewall/router needs to send the traffic that comes from the internet back to Virtual PC. So it needs a route pointing to the F5.

you need a default route if you want to have internet on that Virtual PC, that means 0.0.0.0/0 and it needs to be on the link/vlan to outside (not management), in your case is vlan2, right? 

Here is my example: