Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions

SSL VPN question

cjl1775
Nimbostratus
Nimbostratus

‎07-Apr-2022 11:10

Hello all new to the form but have a question on ssl vpn config

have a f5 with vpn floating ip set 192.168.10.250 and 192.168.10.251 these are the defualt gateways

created a new vlan and interface of 192.168.11.2 gw 192.168.11.1 this is what we would like to use as the source ip for ssl traffic using a pool 192.168.100.0/24 the up stream router already points to the 192.168.100.0/24 pool is this doable 

there is a route in the f5 to point the pool ip 192.168.100.0/24 to  the 192.168.11.2 address all other routing points to the floating ip 192.168.10.250/192.168.10.251

 

 

 

 

Labels:
0 Kudos
4 REPLIES 4

cjl1775
Nimbostratus
Nimbostratus

‎07-Apr-2022 12:42

As a note this is just tryinh to prevent any asymetric data flow for the vpn

0 Kudos

Sebastiansierra
MVP
MVP

‎08-Apr-2022 01:07

Hi,

What is your question ?

0 Kudos

cjl1775
Nimbostratus
Nimbostratus

‎08-Apr-2022 04:48

how to use the thrid floating ip 192.168.11.2 to be the source for all vpn traffic. not the  other floating ip addresses?

 

0 Kudos

Sebastiansierra
MVP
MVP
In response to cjl1775

‎08-Apr-2022 04:53 - edited ‎08-Apr-2022 04:53

Hi,

You can create a Snat pool and then assign it to the Virtual Server. for the source addr translation, you can follow the steps in the next link:

https://support.f5.com/csp/article/K47945399

By default when you configure automap, the system use the Float IPs but you can modify this behavior assigning a Snat pool and forcing the VS use this IP to deliver the traffic. 

0 Kudos
Copyright © 2023 Khoros, LLC