cancel
Showing results for 
Search instead for 
Did you mean: 

Command to Verity Outbound Traffic

A__N_5261
Nimbostratus
Nimbostratus

Hi All,

 

 

We have server in 192.168.195.0/24 ( Pool Member), And default gateway is BIG IP (192.168.195.1). Setup is like this

 

 

FW----------------------------------- BIG IP-------------------------------------------------pool member

 

192.168.177.0/24 (VLAN 700) 192.168.195.0/24 (VLAN 500)

 

VIP pool member

 

 

 

I want to see . when i intiated traffic from server , how BIG IP process. does it Doing NAT ?

 

 

Thanks In ADVANCE

 

A.N

 

4 REPLIES 4

nitass
F5 Employee
F5 Employee
when i intiated traffic from server , how BIG IP process. does it Doing NAT ?listener object (i.e. virtual server, snat) is required to forward server initiate traffic.

What_Lies_Bene1
Cirrostratus
Cirrostratus
Assuming you mean you will initiate some sort of connection from the Pool Member server outbound via the F5, it won't be NATted or even permitted without some configuration on your part. A BIG-IP is a deny by default device, traffic is only allowed if handled by a Virtual Server or NAT/SNAT. To allow the server to communicate through the F5 you can do a number of things depending on your needs;

 

 

1) Setup a 1 to 1 NAT

 

2) Setup an SNAT

 

3) Configure some kind of wildcard Virtual Server enabled on the internal VLAN (a routing VS or similar)

A__N_5261
Nimbostratus
Nimbostratus
Thanks to both for quick reply

 

 

1. can we see connection of flow , With any command ?

 

 

 

 

nitass
F5 Employee
F5 Employee
1. can we see connection of flow , With any command ? b conn or tmsh show sys connection command.

 

 

bigpipe

 

 

NAME conn command - Displays, deletes, or sets idle timeout for active connections on the BIG-IP system. SYNTAX Use this command to display, delete, or set idle timeout for active connections on the BIG-IP system. CREATE/MODIFY bigpipe conn ( â all) [{] [}] ::= [client ( â )] \ [server ( â )] \ [ss client ( â )] \ [ss server ( â )] \ [(any â local â mirror)] \ [protocol ] \ [age ] ::= idle timeout ( â immediate â indefinite) DISPLAY bigpipe conn [ â all] [show [all]] bigpipe conn ( â all) age [show] bigpipe conn ( â all) client [show] bigpipe conn ( â all) idle timeout [show] bigpipe conn ( â all) protocol [show] bigpipe conn ( â all) server [show] bigpipe conn ( â all) ss client [show] bigpipe conn ( â all) ss server [show]

 

 

tmsh

 

 

root@ve10(Active)(tmos) show sys connection ? Options: all-properties Display all properties for the specified items default Units are determined based on current values gig All values are displayed in giga-units kil All values are displayed in kilo-units meg All values are displayed in mega-units raw No conversions are made to any values | Route command output to a filter Properties: "{" Optional delimiter age Specifies the age, in seconds, of a connection cs-client-addr Specifies the clientside remote address of the active connections cs-client-port Specifies the clientside remote port of the active connections cs-server-addr Specifies the clientside local address of the active connections cs-server-port Specifies the clientside local port of the active connections protocol Specifies the protocol used for specified connections (for example: tcp, udp) ss-server-addr Specifies the serverside remote address of the active connections ss-server-port Specifies the serverside remote port of the active connections type Specifies the connnection type used for specified connections (for example: any, mirror, self)