Forum Discussion

veyond_113181
Mar 28, 2007

route traffic out to internet

I have looked around in the forum a bit but can't seem to find an answer as to how to route my traffic out to the internet.

The case is as follows:

1. Incoming connections come over the internet to the external IP address (say 66.155.5.54).

2. This gets translated by the firewall into the Big IP internal address of, say, 10.125.1.54.

3. The Big IP then sends it to the actual box address of, say, 10.135.1.54.

I have tried to get it working using nPath routing but it doesn't seem to work (or I am doing it wrong).

What is the setup needed so the box at 10.135.1.54 can see the outside world?

Thanks

Tate

3 Replies

  • Were you a version 4.x user? I ask only because in version 4.x, there was a checkbox to enable routing, whereas in version 9.x, there isn't, and as such, the F5 became a default deny platform at layer3. In order to enable the routing outbound, particularly if the F5 is inline to your outbound traffic, you'll need to create a network virtual server to do this. I would make sure you only enable this on your internal vlan:

    
    virtual default-forwarder {
       destination any:any
       ip forward
       profile fastL4
       vlans DMZb enable
    }

  • Thank you for the reply, I was not a version 4 user.

    I see that you talk about creating a network virtual server but it looks like you include code to do it from the command line or in an iRule.

    When I use the GUI to create a network virtual server it asks for an address and mask.

    I only get the fastL4 option if I choose Forwarding layer two for the type.

    My take would be that I create a network server with the following:

    Type: network
    Address: 10.135.1.0
    mask: 255.255.255.0
    Type: Forwarding (layer 2)
    Protocol: TCP
    Protocol Profile: fastL4
    Vlan Traffic: Enabled on internal
    SNAT Pool: Auto Map

    The problem is I get the blue box and don't know if I am to choose a clone pool or last hop pool.

    I am new to this so I am sorry if I am missing something simple. I am using 9.1.2

  • I am sorry for the post, it seems that I did have everything working properly but as I was trying to figure this out I was also checking with my firewall guy. Apparently he was not allowing outbound traffic from those hosts and since he has changed that it has fixed the problem.

    Thank you for the good information though, I am sure it will come in useful in the future.
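
The first reply advises enabling the wildcard forwarding virtual server only on the internal VLAN. The following is an added example, not code from the thread or from F5: a small Python audit that reads stanzas in the style shown in that reply and flags `ip forward` virtuals on `any:any` that are not limited to an expected VLAN. The function names, the sample text, and the assumption that a stanza with no `vlans ... enable` line listens on every VLAN are illustrative assumptions.

```python
import re

# Constructed sample in the stanza style of the first reply (not from a real
# device). "wide-open" has no vlans line; "web" is not a forwarder.
SAMPLE = """
virtual default-forwarder {
   destination any:any
   ip forward
   profile fastL4
   vlans DMZb enable
}
virtual wide-open {
   destination any:any
   ip forward
}
virtual web {
   destination 10.125.1.54:80
   pool web_pool
}
"""

STANZA = re.compile(r"^virtual\s+(\S+)\s*\{(.*?)^\}", re.S | re.M)

def parse_virtuals(text):
    """Return {name: [stripped non-empty lines]} for each flat virtual stanza."""
    return {name: [ln.strip() for ln in body.splitlines() if ln.strip()]
            for name, body in STANZA.findall(text)}

def audit_forwarders(text, allowed_vlans):
    """Flag wildcard 'ip forward' virtuals not limited to allowed_vlans."""
    findings = []
    for name, lines in parse_virtuals(text).items():
        if "ip forward" not in lines or "destination any:any" not in lines:
            continue  # not a wildcard forwarding virtual
        vlans = set()
        for ln in lines:
            m = re.fullmatch(r"vlans\s+(.+?)\s+enable", ln)
            if m:
                vlans.update(m.group(1).split())
        extra = sorted(vlans - set(allowed_vlans))
        if not vlans:
            # Assumption: no 'vlans ... enable' line means every VLAN.
            findings.append((name, "not restricted to any VLAN"))
        elif extra:
            findings.append((name, "enabled on unexpected VLAN(s): " + ", ".join(extra)))
    return findings

if __name__ == "__main__":
    print(audit_forwarders(SAMPLE, {"DMZb"}))
```
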