Redirecting traffic using iRules or Root Domains

Question

Hi All,&nbsp;
So we have an F5 BigIP LTM with two interfaces, DMZ &amp; Inside. The traffic flow required is from external&gt;DMZ&gt;F5&gt;DMZ&gt;Palo Alto. The Palo Alto has an Inside interface.&nbsp;
So to be clear we do not want the traffic to flow via the F5 Inside Interface but back out of the DMZ interface to the Palo Alto DMZ Interface.&nbsp;
So what should I used... Can I use an iRule or do I have to introduce another Root Domain?&nbsp;
Thanks&nbsp;
Simon&nbsp;

kai_wilke · Answer

Hi Simon,&nbsp;
An iRule could be used to overwrite the source IP and also next hop, when forwarding the traffic from your DMZ to your internal network. &nbsp;
But i would recomment to use different route domains for each security zone (e.g. Internal and dmz). It would simplify your setup to a great extend, make it more robust and less error phrone. In this case you wouldnt need iRule to route the trafic accordingly, since each route domoin would have an independent routing table.&nbsp;
Cheers, Kai&nbsp;

kai_wilke · Answer

BTW: Welcome to DevCentral. Take a seat and enjoy the show... ;-)&nbsp;

Forum Discussion

Redirecting traffic using iRules or Root Domains

2 Replies

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

F5 loadbalancer not working

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

Related Content

Enriching AFM with public domain Threat Intelligence

irule uri traffic redirection failing

fellow traffic

domain blocking

Anchor Link Redirect