cancel
Showing results for 
Search instead for 
Did you mean: 

SSL VPN question

cjl1775
Nimbostratus
Nimbostratus

Hello all new to the form but have a question on ssl vpn config

have a f5 with vpn floating ip set 192.168.10.250 and 192.168.10.251 these are the defualt gateways

created a new vlan and interface of 192.168.11.2 gw 192.168.11.1 this is what we would like to use as the source ip for ssl traffic using a pool 192.168.100.0/24 the up stream router already points to the 192.168.100.0/24 pool is this doable 

there is a route in the f5 to point the pool ip 192.168.100.0/24 to  the 192.168.11.2 address all other routing points to the floating ip 192.168.10.250/192.168.10.251

 

 

 

 

4 REPLIES 4

cjl1775
Nimbostratus
Nimbostratus

As a note this is just tryinh to prevent any asymetric data flow for the vpn

Sebastiansierra
Cirrocumulus
Cirrocumulus

Hi,

What is your question ?

cjl1775
Nimbostratus
Nimbostratus

how to use the thrid floating ip 192.168.11.2 to be the source for all vpn traffic. not the  other floating ip addresses?

 

Hi,

You can create a Snat pool and then assign it to the Virtual Server. for the source addr translation, you can follow the steps in the next link:

https://support.f5.com/csp/article/K47945399

By default when you configure automap, the system use the Float IPs but you can modify this behavior assigning a Snat pool and forcing the VS use this IP to deliver the traffic.