I am newbie, I am using a BIG-IP 2000 (11.6.0) version.
As a start, I want to create a simple network:
Client PC
10.0.0.1
255.255.255.0
GW: 10.0.0.254
*connected to int VLAN. i.e. port 1.1
BIG-IP System
ext router IP address: 172.16.100.17 - connected to port 1.2
pool: member (172.16.100.17)
virtual server: uses the above defined pool as the default. Type(Performance L4), Source address (0.0.0.0/0), Destination (0.0.0.0), port(all services)
I can ping the ext router (172.16.100.17) but when I try to ping the internet, its says destination network unreachable. I did a tracert and found that, the gateway (10.0.0.254) does not know how to forward the packets when pinging the internet. Also on the statistics, no connections are shown to the virtual server, even though I can ping the ext router. I want to access the internet through the client PC
Is there any configuration that I am missing here?
You must disable address and port translation on your Virtual Server. These are under the "Advanced" configuration. Without that, all traffic will be forwarded to the pool member using it's IP address as the destination. Moreover, assuming you want to forward more than TCP traffic, you must change the Protocol to "*All Protocols". You almost certainly want to limit the VS to just your internal VLAN (change "VLAN and Tunnel Traffic" to "Enabled on..." and move the internal VLAN to the "Selected" box).
Incidentally, this can be achieved a different way. If you set the BIG-IP default route to 172.16.100.17, you could then use a "Forwarding (IP)" Virtual Server type, which uses the BIG-IP route table to forward traffic.
I had the same problem and I found the solution by changing the vmnet0 bridge from automatic to the associated Network Ethernet Adapter. Vmware>Edit>Virtual Network Adapter>vmnet0
You must disable address and port translation on your Virtual Server. These are under the "Advanced" configuration. Without that, all traffic will be forwarded to the pool member using it's IP address as the destination. Moreover, assuming you want to forward more than TCP traffic, you must change the Protocol to "*All Protocols". You almost certainly want to limit the VS to just your internal VLAN (change "VLAN and Tunnel Traffic" to "Enabled on..." and move the internal VLAN to the "Selected" box).
Incidentally, this can be achieved a different way. If you set the BIG-IP default route to 172.16.100.17, you could then use a "Forwarding (IP)" Virtual Server type, which uses the BIG-IP route table to forward traffic.
However, I tried all the suggestions mentioned here.
Disabling the address and port translation
Defining a default route using the route object in configuration utility
Use a Forwarding IP virtual server
Enabled all protocols on the virtual server
Enabled the virtual server ONLY on the internal VLAN (as suggested)
None of them are working.
Should I be able to ping the Self IPs?
How can I troubleshoot to see where the problem is? Tracert shows that the default gateway set in the test PC (self IP address on the internal VLAN - 10.0.0.254) does not know where to forward packets destined for a network that is not directly connected to the system. i.e. does not forward the traffic to the default gateway through the virtual server and the pool members (destination net unreachable).
Also @Linda_01_162621 if "ip address translation" is disabled, the pool will be useful if the virtual server and pool memeber have the same ip address. so in your case it's not necessary to create a pool for ex router.
You need just configure a default route with the gateway (172.16.100.17).
Since you enabled automap SNAT, then when the traffic egresses the BIG-IP (toward the router), the BIG-IP changes the source address from that of the client to a self IP (of the BIG-IP) on the egress VLAN. This suggests that the router either does not have a route back to the client netblock, or that its route to the client netblock is not forwarded through the BIG-IP. In this case, the application of automap SNAT would make traffic work because the router and the BIG-IP share IP addresses in a common netblock on a common VLAN. Naturally, the router will have a route to a directly connected network.
I had the same problem and I found the solution by changing the vmnet0 bridge from automatic to the associated Network Ethernet Adapter. Vmware>Edit>Virtual Network Adapter>vmnet0
Hey thanks a lot bro. Changing the vmnet0 solved the problem for me. i was not able to access internet using the default gateway (10.0.0.1) virtual server but now i can. Just follow the steps: Vmware>Edit>Virtual Network Adapter>vmnet0.
