Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Clear all filters
Answers

APM configuration query

While configuring APM, do we have to have configure self ip for any particular reason or task to perform ? I think for AFM we do, To make sure traffic is allowed on particular vlan which is represented by the self-ip. Please correct me if I am wrong.

Thank you, S

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

I guess it's plausible that your SSL VPN connects to the same internal network you already had configured; one that already had a self-IP configured. It would then at least seem like you didn't need to set a self-ip, which could be understandably misleading.

I would highly recommend getting a team to do the configuration for you, or at least doing more research on self-ips, in addition to having a chat with your SE. It sounds like you have a currently working environment; any misconfiguration could jeopardize your production environment.

0
Comments on this Answer
Comment made 2 months ago by SH_F5 62

Thank you Miles.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Regardless of which modules are enabled, self IP's provide a few functions:

1) They tell the BIG-IP which networks it is directly connected to
2) They provide an endpoint for routes
3) They are required for SNAT and monitoring processes to work correctly

I'd go ahead and configure self IP's for any vlans configured, unless I was implementing a solution that I knew didn't need them.

0
Comments on this Answer
Comment made 2 months ago by SH_F5 62

Thank you so much. I didn't have to configure self ip for SSLVPN to work. My question was, will it be okay not to have self ip configured for ssl vpn ?

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

SELFIP is the fundamental components that you need to configure in F5, regardless of which module you are using.

0
Comments on this Answer
Comment made 2 months ago by SH_F5 62

So for traffic destined to resources, for an example 172.16.1.2 and.3 should have self ip configured 172.16.1.1 and should be allowed by AFM ? or without configuring self ip it should all 172.16.1.2 and .3 without AFM.

Does APM need self ip configuration for SSL VPN to work ? I get the general idea about the self ip and its importance , but I am question for this particular case.

0