Forum Discussion

Nimbostratus

Dec 02, 2007

Virutal Server for VPN

hi everybody; i create a Virtual server, type standard (0.0.0./0) for VPN use (UDP 500). but i see only some packet in this VS. please, can you help me to understand where exactly can w...

Admin

Dec 04, 2007

I would do this by applying a virtual 0.0.0.0/0 against ONLY the internal vlan, with a rule applied (below). I am not sure I understand your requirements as a couple of them seem conflicting. Here's a start for you, and If I am misunderstanding, please post back. Also, if you use AH or NAT-T at all, you'll also need to allow for protocol 51 and udp/4500 (respectively)


when CLIENT_ACCEPTED {
  if { [IP::protocol] == 50 } {
     pool isp-gateways member ISP1
  } elseif { [UDP::local_port] == 500 } {
     pool isp-gateways member ISP1
  } else {
      pool isp-gateways
  }
}

Of course, you'd need to make sure you have a forwarder for your internal vlan as well applied ONLY to the public-facing vlan.

Forum Discussion

Virutal Server for VPN

Recent Discussions

What is the meaning is 52% block in WAF

Rundeck ansible F5 errors

rewrite Azure AD response for portal access via web portal

AS3 Monitoring multiple ports selectively

Open Redirection Mitigation

Related Content

Server cert expired

F5 ASM | Web Server Probe Signture

Assign specific uri to a server\node in pool

F5 Fundamental Lab-can't communicate between servers

Server port not accessible from F5