Using the WAF instead of a jump server for ssh-tunneling?

Question

Hello everyone,This is how it works at the moment:We go from server A, in the internal network, with a public IP via ssh to a jump server in the DMZ.From the jump server we then go on to server B in the secure zone.I am relatively new to this and have been given the task of seeing if the WAF can replace the jump server.We use Advanced Web Application Firewall, r2600 with BIG-IP 17.1.1.3Is this possible and what do we need for it?Thank you in advance for your help !Best regards.&nbsp;

jeffrey_granier · Answer

WAF is going to be used for HTTP traffic.&nbsp; If you're simply looking for a connectivity option without security, then you can configure a SSH Virtual Server and you pool member would be the server in the DMZ.&nbsp; If you're looking for SSH security, then you might consider adding on AFM which can do SSH protocol inspection amongst other options.&nbsp; Secure SSH traffic with the SSH Proxy (f5.com)
&nbsp;
If no security is needed, you can restrict source IP;s on the LTM VS your configuring to access the DMZ jump server.&nbsp;&nbsp;

Forum Discussion

Using the WAF instead of a jump server for ssh-tunneling?

Recent Discussions

Sync-failover group doesn't sync properly

Outlook for mobile doesn't via APM doesn't work with Modern Authenication

F5OS download backup via API

Problems with ping dropped packets

Using the WAF instead of a jump server for ssh-tunneling?

Related Content

SSH tunnel endpoint?

Server cert expired

F5 ASM | Web Server Probe Signture

Decode SAML Response from IDP Server

Run LAMP v7 on ESXi Server ?