TFTP inspection on F5 LTM

Question

Dear Team ,&nbsp;
In our current setup we are using F5 LTM as a inline device in our network and all the request when going outside of the network they get natted to a Single ip in F5 (one of the virtual server IP) and we have forwarding virtual server configured to accept all request .&nbsp;
But when a server behind F5 try to TFTP to a server on different network , it gets fail . The flow of the traffic is :-&nbsp;
TFTP CLient(Source X IP) ---&gt; F5 device(After Patting source ip changes X-&gt;Y) --- &gt;Firewall ----&gt; TFTP SERVER&nbsp;
Then the new request automatically generated by TFTP server to  tftp client with the nat ip :-&nbsp;
TFTP Server (Destination IP Y with ephermal port)----&gt; Firewall(allowed as inspection is enabled)----&gt;F5 device [Drop the packet]&nbsp;
as the traffic is sent to pat IP(Y in this case) it drop because PAT(port address translation ) is unidireactional .&nbsp;
So is there any method to inspect the TFTP traffic , so that the return traffic (which initiated by the server) can be allowed .&nbsp;

petewhite · Answer

Create a VS specifically for that traffic on UDP port 69 and assign the UDP profile. Assign a SNAT profile just for this traffic.&nbsp;

Forum Discussion

TFTP inspection on F5 LTM

1 Reply

Recent Discussions

Geo Fence in ASM through irule for URI

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Related Content

TFTP load balancing

AFM Protocol Inspection rules for CVE-2022-3602 (aka SpookySSL)

Unsupported Snort Keywords in Protocol Inspection

Advanced TFTP Load Balancing

Inspecting HTTP LB traffic for security