Forum Discussion

ashish_solanki's avatar
ashish_solanki
Icon for Cirrus rankCirrus
Jun 20, 2022

Port Redirection

Hey Guys,

I have requirement where in client wants to have a setup like below:

In this case whenever any internal user wants to access application on port 22 we have to whitelist the destination address in AFM policy and there is a irule then which redirects the request to port 22

server on listening on port 22 <--------Internet <--------- F5 VS port 8822<--------- Internal Client wants to have SFTP 

when client_accepted {

                                   node [IP::remote_addr] 22

}

Now the requirement is whenever client wants to access the application suppose on port 8822 then the request will be redirected to port 8822 on the internet.

server listening on port 8822<--------Internet <--------- F5 VS port 8822<---------Internal client accessing app on 8822

what changes needs to be done in the same irule to cater this request, please suggest or if anyone have configured the same setup.

Note: My F5's are hosted in Azure Cloud.

 

 

application delivery
irule

1 Reply

Sort By
  • Nikoolayy1's avatar
    Nikoolayy1
    Icon for MVP rankMVP
    Jun 20, 2022

    I really don't get the irule use in your case as F5 does port translation without irules as the F5 VS can listen to port 8822 or 22 and the pool members ip address and port is configured in the pool config so F5 does a change to the destination port and ip address by default.

     

     

    If the servers use public ip addreesses then maybe it will be better to use a forwarding virtual server that will make F5 act like a router and the AFM policy can still be applied to the virtual server or globally.

     

    https://support.f5.com/csp/article/K7595

     

    https://support.f5.com/csp/article/K10354610