Hi team! Does the new feature Virtual Wires work with ASM? Can we configure a VS with ASM enabled?
Does Virtual Wires work with F5 HA?
It should, all you need is a virtual server that is able to inspect the traffic. ASM is been working in L2 virtual servers for quite a long time as far as I know.
Regarding virtual wire in HA as that is mainly L2 forwarding there will be only one path from one point to another, in case of failover the adjacent switched will need to learn about the new path through the new active big-ip, it should be automatic.
To be honest, I have not tested but I don't see HA could be a limitation for virtual wires.
Hi! Thanks for your time, I suspect ASM will not be able to block requests because in the manual is written: "This type of configuration is typically used for security monitoring, where the BIG-IP system inspects ingress packets without modifying them in any way".
Can someone please confirm?
ASM is not aware hoy you ltm is deployed (l2, l3, virtual wire) so as far as you have a virtual server to manage traffic and you add a security policy, if the policy is in blocking then you will be blocking traffic.
I have not played with it yet but this is how it usually works on big-ip.
Has anybody tested this with ASM yet?
@THi We've tested it and did not work. F5 said that it would be ok at 14 version.
Anyone tried this with version 14? Still not possible, or I made a mistake in configuration.
hit up support if it doesn't.