vpn through LC

Hello Jack,

 

 

I'm not sure that I fully understand your query, would you be able to provide further information please?

 

 

You'll probably want to use a forwarding Virtual Server to forward VPN traffic straight through to an internal firewall, based on my own experience.

 

 

Thanks,

 

 

Chris

Hi Chris

 

 

I understand that I need to configure vs for incoming traffic. but how about the the outgoing traffic from HQ? i configured outgoing traffic from hq using load balance from 4 different ISP. as a result, the outgoing traffic may have 1.1.1.1, 2.2.2.2, 3.3.3.3, 4.4.4.4 as it's source but branch accept only 1.1.1.1 or 2.2.2.2.

 

 

Thanks.

 

 

Jack

are you licensed for LTM? If so, you could write a simple iRule to source traffic to your branches with a snatpool. Without the license, another possibility to is to policy route your VPN traffic with your L3 gear to the LC on a specific virtual where a snatpool with only 1.1.1.1/2.2.2.2 defined in a snatpool. Of course, this assumes snatpools are available on LC, and I don't have any exposure to that product. HTH...Jason

thanks for the reply, Jason. we do not have the LTM license and those L3 equipment controlled by ISP. i attached a revised diagram, any hint?

I don't see the attachment. Have you tried an iRule, it's not obvious in the 10.2.1 LC manual, but it appears there is iRule support. Sorry I don't have more helpful info, LC isn't a product I've used before.