Forum Discussion

rootvikm_79112's avatar
rootvikm_79112
Icon for Nimbostratus rankNimbostratus
Jun 12, 2007

Can you do port translation on the GTM?

 

 

First off, I'm new F5 products so don't flame me if this is a stupid question. Please feel free to point me to a more appropriate formum or doc location.

 

 

I am looking at using a GTM to do global load balancing of an SSL based VPN application. We will be using LTM's as well but they will be located behind a firewall. The only real issue I have with setting this up is that the firewall will not pass the VPN traffic on port 443 because its HTTPS agent rejects the traffic as not being valid HTTP traffic, which it isn't. It SOCKS wrapped in an SSL tunnel.

 

 

Currently we have a LB device eternal to the firewall that will do port translation to a differnt port that 443, so that we can pass the traffic through a generic proxy process.

 

 

Is there a way, either via configuration or iRule to configure the GTM to provide the port translation from 443 to another port?
application delivery
dev
devops
iRules

1 Reply

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Jun 13, 2007
    I haven't worked much with GTM, but as I understand it, GTM provides DNS answers to client queries. The port the client should make a request to isn't provided in a DNS response. There is no concept of ports in DNS. The port is specified by the client in the request to the application. If the client is a browser, the port the client requests is dictated by the port in the hostname (or it defaults to the protocol's default port (http = 80, https = 443, etc). So if the client is a browser, the port is specified in the address the user types or the link they click on.

     

     

    If I've missed something, please let me know.

     

     

    Aaron