ftps issues

Question

Hello  
&nbsp;  
&nbsp; is there a way to resolve the following issue with an Irule. 
&nbsp; I currently have a support case also opened on this issue. 
&nbsp;  
&nbsp; we have the f5 in front of a firewall the servers sit behind the firewall and are routed to the f5 the f5 has the real server ips in the pool. I need to get the ftps  to connect to ftp software globalScape  I tired solution 9437 but by setting a masqerade ip on th ftp box to the external vip address still no dice. Cannot not use ip forwarding or l4 because server not directly connected is there any way with an irule  to get around this if so how ? 
&nbsp;  
&nbsp;  
&nbsp; Thanks

johns · Answer

I have had this come up before and the only way to resolve was to do the following: 
&nbsp; 1.  Server needs to be in the same vlan as the BIG-IP (which you do not have) 
&nbsp; 2.  Attach the ftp virtual server IP to the loopback interface on the ftp server 
&nbsp; 3.  Configure FTP server to listen on the virtual server IP that is attached to its loopback interface 
&nbsp; 4.  Configure the virtual server to NOT translate IP. 
&nbsp; 5.  Server uses BIG-iP as the default gateway 
&nbsp;  
&nbsp; Since FTPS is secured between the client and the server, there is not much BIG-IP can do as a device in the middle without visibility into the FTP session. 
&nbsp;  &nbsp;

Forum Discussion

ftps issues

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries HA

Need advise to setup a policy on F5

F5 Rseries R2600 Tenant sizing

Can iRule mask the payload content on event logs of security

Related Content

Regex issue

FTP Session Logging

FTPS Offload via iRules

F5 GTM resolution issue

Irule Example Issue