Forum Discussion
Ravindra_Lakdaw
Feb 18, 2021Nimbostratus
Hello,
You have to use firewall but what you can do is configure virtual server on F5 which will have DMZ IP, NAT it on FW to outside IP. On back end F5 will talk to server.
Outside IP -->DMZ IP (F5 Virtual server)-->Inspection by APM policy-->Backend server IP
I configured APM policy to check geolocation. Below is my policy. This is how I am blocking traffic from countries other than Canada & USA. Users are allowed location box is checking IP subnets that I have allowed. HTH