F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

faycal_29095's avatar
faycal_29095
Icon for Nimbostratus rankNimbostratus
Dec 02, 2007

Virutal Server for VPN

hi everybody;   i create a Virtual server, type standard (0.0.0./0) for VPN use (UDP 500).   but i see only some packet in this VS.   please, can you help me to understand where exactly can w...
application delivery
dev
devops
iRules
JRahm's avatar
JRahm
Icon for Admin rankAdmin
Dec 04, 2007
I would do this by applying a virtual 0.0.0.0/0 against ONLY the internal vlan, with a rule applied (below). I am not sure I understand your requirements as a couple of them seem conflicting. Here's a start for you, and If I am misunderstanding, please post back. Also, if you use AH or NAT-T at all, you'll also need to allow for protocol 51 and udp/4500 (respectively)


when CLIENT_ACCEPTED {
  if { [IP::protocol] == 50 } {
     pool isp-gateways member ISP1
  } elseif { [UDP::local_port] == 500 } {
     pool isp-gateways member ISP1
  } else {
      pool isp-gateways
  }
}

Of course, you'd need to make sure you have a forwarder for your internal vlan as well applied ONLY to the public-facing vlan.