STATIC ROUTE NOT WORKING ON BIG IP

Question

I set a static route to a remote network from my F5 BIG IP device so  the F5 can route traffic from an internal server to the remote network. But it seems not to be working. I have done all that i think needs to be done as regards ensuring the self ip on the BIG IP that connects to the next HOP ip address are on the same network such that i can ping it. I made the HOP ip the gateway to static route i created on the F5. Yet it seems not to be working. F5 is not going through the route and not reaching the remote network. Please can you help me here? It's an ongoing implementation.

dario_garrido · Answer

Hello Oreoluwa.&nbsp;Please, clarify your topology and where you are performing those tests.&nbsp;To reach one remote network from your backend server, you need to create a VS which allows this traffic to passing through your device.&nbsp;KR,Dario.

dario_garrido · Answer

Check this -&gt;https://packetpushers.net/stateless-routing-f5-ltm/&nbsp;It's what you are looking for.&nbsp;KR,Dario.

oreoluwa · Answer

I have read the documentation but i maybe i should clarify my question. In this environment i am working on, they got private addresses from a telecoms operator, 10.114.114.x/30. These private addresses are only routable to an internal network 172.20.238.x/24 such that from wherever the owners of the telecoms ip addresses are, they can make a request to any host on the network 172.20.238.x/24. This network 172.20.238.x host is then nated by a firewall to the internal servers. This was their existing architecture. Now, the firewall is being replaced by F5 as a hop to the internal servers to which requests will be made. Because i have set a vlan self IP of 172.20.238.5 on the F5 and a virtual server ip of 172.20.238.8 on the F5, and mapped it to the pool where the internal servers, the telecoms private address hosts can reach the F5 through the VIP and the interface. But the F5 cannot reach the telecoms private address. I set a static route so it knows how to reach it but F5 still doesnt go that route. So even though from F5 i can ping the next hop Router interface above the F5 on 172.20.238.9, i cannot Ping 10.114.114.170 which router above F5 points to.

oreoluwa · Answer

I have read the documentation but i maybe i should clarify my question. In this environment i am working on, they got private addresses from a telecoms operator, 10.114.114.x/30. These private addresses are only routable to an internal network 172.20.238.x/24 such that from wherever the owners of the telecoms ip addresses are, they can make a request to any host on the network 172.20.238.x/24. This network 172.20.238.x host is then nated by a firewall to the internal servers. This was their existing architecture. Now, the firewall is being replaced by F5 as a hop to the internal servers to which requests will be made. Because i have set a vlan self IP of 172.20.238.5 on the F5 and a virtual server ip of 172.20.238.8 on the F5, and mapped it to the pool where the internal servers, the telecoms private address hosts can reach the F5 through the VIP and the interface. But the F5 cannot reach the telecoms private address. I set a static route so it knows how to reach it but F5 still doesnt go that route. So even though from F5 i can ping the next hop Router interface above the F5 on 172.20.238.9, i cannot Ping 10.114.114.170 which router above F5 points to.

Forum Discussion

STATIC ROUTE NOT WORKING ON BIG IP

4 Replies

Recent Discussions

vulnerabilities-CVE-2020-16150 & CVE-2013-0169

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

Related Content

Static Route

F5 virtual server not using static route when SNAT is set to none.

Layer 7 Content Routing in F5 XC

SNI Routing with DNS Lookup

iRules Recipe 4: Static Maintenance Page