cancel
Showing results for 
Search instead for 
Did you mean: 
Login & Join the DevCentral Connects Group to watch the Recorded LiveStream (May 12) on Basic iControl Security - show notes included.

can't reachable external to internal and internal to external network

Kyi_Thu_Aung
Altostratus
Altostratus

Please see the attached picture for my lab design in eve. As per design, R6 can't reach and ping the F5 interface (172.16.2.1), R4 can't ping the F5 interface (172.16.1.1). The route configuration is all right F5 and switch. From F5, it reachable all of the other networks.What I want to know is do I need to make a policy or something else to access those two interface networks from F5? I can't longer think?

0691T00000F5raWQAR.jpg

3 REPLIES 3

chrros95
Altostratus
Altostratus

By default, the Big-IP has a full-proxy architecture that requires that you have a listener matching each request that you want to forward to the "other"-/client-side. This applies to all connections even the interfaces of the Big-IP.

 

So I guess you either need a virtual server or a SNAT.

Do you have already configured one of these?

 

 

Hello  , Thanks for your replying. Do you have configuration or guideline for the virtual server related with my design. If you have, Please share me.

The configuration depends on your use case but one possible solution might be described in https://support.f5.com/csp/article/K7595 (use the self IP address as the destination)