Forum Discussion
Ido_Katz_38061
Nimbostratus
NimbostratusVirtual Server/Pool Assistant
Hello All,
My name is Ido Katz and I have a little question:
I have an application that called MT4 which communicating with port 443 but the problem is that I cannot connect to the application if i'm moving the traffic via the F5.
Basically the thing that I have to do is to create a NAT from the firewall so the external IP will translate to the origin IP (which is the F5 virtual server) and then the F5 supposed to forward the traffic to the pool which will forward the traffic to the node, right?
The facts:
1.If I will put the server IP address as the origin IP in the firewall it will work.
2. When I’m putting the F5 virtual server as the origin IP it will not work
The virtual server configuration is very basic:
The virtual server configured as Standard TCP with port 443, and so is the node.
Protocol profile (client): TCP-wan-Optimized
Protocol Profile (server): TCP-Lan-Optimized
One connect: None
Http profile: http-wan-optimized-compression
Stream profile: None
SSL profile (Client): None
SSL profile (Server): None
Address translation is enabled.
Source port: preserve
SNAT: Auto Map
Can someone please advise?
Thanks
Ido
1 Reply
natheCirrocumulus
Ido,
You're certainly right about how the f5 will work, it will listen and then forward traffic to a pool member. First thing to check is that the monitors have marked the pool / node up. Any issues here and the traffic won't get forwarded, even if the origin server is up.
Do you see any connections hitting the VS? Check out the Statistics page in the GUI. If not then it's an issue from the firewall to the f5. If you do see connections then you need to check the route from the f5 to the origin server. Is the origin server IP on the same subset as a configured VLAN on the f5? If not it may need a static route setting up in my experience.
Tcpdump and / or wireshark should help you locate where the issue lies and f5 has the tracepath command as well.
Good luck...
N
