Chris_Lappi_164
Aug 14, 2015

AWS Issue with F5/LTM

We are trying to implement a standalone LTM in AWS. Eventually GTM, but let's get some basics working first :)

Network is 172.22.0.0/16 with 2 subnets. 172.22.1.0 for MGMT and 172.22.2.0 for DMZ.

All AWS ACLs, SGs, and instance firewalls have been disabled or set up to allow an any/any scenario. All networks/IPs/protocols are/were accessible from the 10.0.0.0/8 corporate network via VPN prior to implementing the F5.

F5 Mgmt IP is 172.22.1.25 and DMZ IP is 172.22.2.250. F5 GW for the 172.22.2.0 network is 172.2.1, or the AWS GW.

Instances in the DMZ have a GW of the F5, or 172.22.2.250.

Virtual Server 1 is an Any/Any IP Forward (port/protocol). Virtual Server 2 is a port 80 forward to an IIS web server.

Traffic going to the web server works. Traffic going directly to the server does not, RDP for example. If another VS is set up for RDP, then it works.

From the instance, trying to ping anything in 10.0.0.0/8 does not currently work unless the GW is changed back to the AWS gateway.

Thoughts? We have this same setup working without issue in an on-prem solution, so I have to be missing something somewhere!!
