Forum Discussion
create /net route 10.0.0.0/8 gw 10.xx.xx.193
Maybe is a problem with mask... /8 seems to overlap with
tmsh create net self Internal address 10.xx.xx.245/26
Or directly a problem with vlans and interfaces as Stanislas says
Looks like I have manged to this working - Thanks to you all for your inputs, I am able to ping the Internal Private vlANs.
Why did I have all these confusions? Unfortunately I am helping a site without much knowledge about the network (remotely helping out).
Working config
Start all over again after re-importing the OVF file, assigned right v NIC ( only have two physical nics, Private trunked at the router, Public nic ) MGMT, Internal and HA assigned with Private and External with public
Assigned MGMT IP to the F5 VE
GUI into F5 using MGMT IP, activate license and installed additional modules.
Create vLANs as follows:
vLAN_Private_1 assigned to int 1.1
vLAN_Private_2 assigned to int 1.1
vLAN_External_1 assigned to int 1.2
vLAN_Others_1 assigned to int 1.3 ----> technically this isn't in use
Create selfIP for Private vLANs
vLAN_Private_1_selfIP 10.xxx.xxx.66/27 vLAN_Private_1 port lockdown default
vLAN_Private_2_selfIP 10.xxx.xxx.226/27 vLAN_Private_2 port lockdown default
vLAN_External_2_selfIP xxx.xxx.xxx.124/28 vLAN_Extrenal_1 port lockdown none
At this point I am able to ping vLAN_Private_1 and vLAN_Private_2 from F5 CLI
Create VIPs for internal network to get to vLAN_Private_1 and vLAN_Private_2 - this is important to have else wont be able to ping from outside F5 into F5, and this will also allow to get to f5 MGMT portal
Internal_traffic_1
src 10.0.0.0/8 dst 10.xxx.xxx.64/27 enable vlan vLAN_Private_1
Internal_traffic_2
src 10.0.0.0/8 dst 10.xxx.xxx.224/27 enable vlan vLAN_Private_2
At this point I was able to ping 10.xxx.xxx.66 and 10.xxx.xxx.226 from MGMT network i.e. 10.xxx.xxx.218 - self_ip for each private vLANs, I also did a TCP dump to make sure that the traffic is getting into F5 from 10.xxx.xxx.218
Now moving into external traffic out from F5
Create default route
External_route src 0.0.0.0 mask 0.0.0.0 gw xxx.xxx.xxx.113
At this point I have tried to ping the GW xxx.xxx.xxx.113 - I am unable to do so.
Does anyone know how to resolve this?
Thanks,