Virtual Server -- IP Forwarding

I am upgrading a pair of BigIP2400's to LTM 3400's. In order to make my life easy I had it built in our testing to simulate the production environment. The production environment is 3 tier but the process I am testing out is the first 2 layers. I have attached a jpg with the layout.

 

 

Traffic from the web will come through firewall 1 to the external interface (10.0.0.30) to a pool that contains the web servers (10.1.XX.XXX). The web then needs to past data to the app layer servers (10.2.XX.XXX). In this design the LTM has to able to route traffic from layer 1 (web) to layer 2 (App).

 

 

The process works fine on version 4.6.X but does not do so well under 9.4.3.

 

 

I can't get the 10.1.35.65 to talk to 10.2.35.65.

 

 

Here is what I have done so far:

 

 

1) Created IP Forwarding Virtual Servers per SOL7229

 

ex. virtual ext-forwarding {

 

destination 10.1.0.0:any

 

ip forward

 

vlans external enable

 

 

ex. virtual int-forwarding

 

destination 10.0.0.0:any

 

ip forward

 

vlans internal enable

 

2) Created a Route

 

ex. 10.2.0.0/16 10.0.255.254

 

 

I try connecting -- telnet 10.2.35.65 80 (Firewall rules are open for port 80 & 443)

 

Via tcpdump I can see the request on the internal vlan but it never gets to the external vlan. I even added a route statement on the Windows servers and the result is the same. From the LTM I can ping and telnet to both servers

 

 

These are the articles I have viewed so far:

 

sol7595

 

sol7229

 

sol5867

 

sol7366

 

 

Any suggestions!!!!!!!!

 

 

FYI --> I inherited the network design...

 

 

Roger