Virtual Server in LC

Question

hello frenz. 
&nbsp; i have two links, 
&nbsp; ISP1: 202.54.X.73        ISP2: 202.54.Y.73 
&nbsp;  
&nbsp; i configured two vs for each of link(202.54.X.185 and 202.54.Y.185), to load balance my webserver. 
&nbsp; Firewall(ip:202.54.X.100) knows only traffic for 202.54.X.73, it will not recognise traffic for 202.54.Y.73 
&nbsp;  
&nbsp; eirlier it was working properly with Radware.Now i am replacing Radware with F5-Link Controller. In Radware 202.54.Y.185 was Natted with the 202.54.X.185 which is not possible in F5. 
&nbsp; If i made(in LC) vs for 202.54.Y.185 with SNAT Pool as a AUTOMAP then it will send the self ip as a source ip which is not acceptable. 
&nbsp;  
&nbsp; thanks in advance, 
&nbsp; AJ 
&nbsp;

dennypayne · Answer

Hi AJ, 
  
 Your inbound virtual servers should not SNAT, you only want SNAT automap on your outbound wildcard virtual servers (ie, don't use a global SNAT automap).  So both 202.54.X.185 and 202.54.Y.185 should both point to a pool with the webserver's address on the outside of the firewall.  However you are saying that is also on the 202.54.X network, which probably won't work, you need a 3rd network between LC and the outside of the firewall so that either link can be SNAT'ed outbound.

ISP 1               ISP2 
       |                   | 
       |                   | 
      202.54.X          202.54.Y 
    ------------------------------ 
    |           LC               | 
    ------------------------------ 
                 | 
              192.168.X 
                 | 
             ---------- 
             |  FW    | 
             ----------

Denny

pankaj_70055 · Answer

Hi Denny, 
&nbsp;  
&nbsp; this would require a whole lot changes in the firewall (interface,nat,ipsec config [on remote peer] etc) 
&nbsp;  
&nbsp; isnt there anyway out we can have ISP routable IP addreses on firewall which also does nat for one ISP and NAT for second ISP to be done by LC? Which will allow us to put LC in network with least changes? 
&nbsp;  
&nbsp;  &nbsp;

Forum Discussion

Virtual Server in LC

2 Replies

Recent Discussions

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Related Content

Check a Virtual Server's SSL Status

Virtual Server graphical App for F5 LTM

virtual server config

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire