Forum Discussion

jquinones82_469
May 07, 2013

GTM Design

Hello,

How is everyone doing?

We have currently got our hands on a GTM. We have been big fans of the F5 LTM, which has worked great for us. I currently have a question in regards to the design setup for the GTM.

I was looking to delegate a subzone on our DNS servers to the GTM devices and just use CNAMEs. My question is in regards to handling public and private DNS responses. We currently use our LTMs in this manner: we create the VIPs and pools, but if we want something to be hosted externally, we NAT through a firewall. The F5 VIPs are currently in a DMZ which is protected by ACLs. Some people will NAT through the F5.

For the internal resolution with the GTM, everything seems to work great. My question is in regards to the external resolution. Being that we NAT through the FW, how would I be able to set up the GTM to return the external addresses of internally IP'd VIPs? Do I have to set up VIPs with SNAT and then be able to pick up the pool (F5 VIP) from the GTM?

outside ----> FW ----> F5 DMZ ----> users
             1.1.1.1   192.168.0.1

So users will hit 192.168.0.1 internal to the company.

Outside users will hit 1.1.1.1, for which there is a static NAT on the firewall that translates it to 192.168.0.1.

If I have to use the F5 with SNAT rules, I have no issues re-arranging things, as we don't have so many external VIPs.

 

3 Replies

  • Hey,

    You can create two pools for the record. One that contains the private IPs, the other that contains the public IPs. You can then create a simple iRule that will look at the client's IP for the DNS request, and if it is coming from your internal subnet, use the pool with the private IPs, otherwise use the public pool.
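The two-pool, split-horizon iRule the reply above describes, written out as an added example; it is not code from this thread, from the DevCentral codeshare, or from F5. It assumes a v11-style GTM listener and a wide IP with two attached pools: app_private_pool, holding the LTM virtual servers (192.168.0.1 in the original post's diagram), and app_public_pool, built from generic host entries that carry the firewall's static NAT addresses (1.1.1.1). The pool names and the internal ranges 192.168.0.0/16 and 10.0.0.0/8 are assumptions for the example, and the commands should be checked against the iRule reference for your TMOS version.

```tcl
# Added example: split-horizon pool selection on a GTM wide IP.
# Assumptions (not from the thread): pools app_private_pool and
# app_public_pool are attached to the wide IP, and 192.168.0.0/16 and
# 10.0.0.0/8 are the company's internal ranges.
when DNS_REQUEST {
    # Source of the query as the GTM listener sees it. When internal
    # clients reach the GTM via a forwarding resolver, this is the
    # resolver's address, not the end user's.
    set client [IP::client_addr]

    if { [IP::addr $client equals 192.168.0.0/16] or
         [IP::addr $client equals 10.0.0.0/8] } {
        # Internal client: answer with the LTM virtual server addresses.
        pool app_private_pool
    } else {
        # Anything else: answer with the addresses the firewall NATs.
        pool app_public_pool
    }
}
```

Two things to check before relying on this: any internal recursive resolver that forwards to the GTM must itself sit inside the internal ranges, or its queries will be classified as external; and the public pool has to be populated by hand from generic host servers with the NATed addresses, because, as noted later in the thread, pool members discovered from the LTMs only ever show the internal addresses.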
  • Hamish
    There is an iRule in the codeshare that does the NATting for you. Handles multiple external NAT maps as well.

    H
  • Laudac,

    My GTM is pulling the pool members from the LTMs, so only internal addresses are shown.

    We don't do the NATing for external to internal on the F5. We use a firewall for that.