F5, virtual ip address port create irules for nated address.

Question

Hi guys, 
I have created a vip and 10.xxx.xxx.xxx address. this is a nated address. 
I assign to the vip which is monitoring two nodes wiht http monitor on it. All appears green
When i browse to the individual iis pages on the server they work fine. when i hit 10.xxx.xxx.xxx ip it does not resolve anything.&nbsp;
I was reading some where to create a i rule 
https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/bigip-datacenter-firewall-config-11-1-0/6.html&nbsp;
i tried creating irule :iruleslist /create and gave irule1 name and copied the below statement. 
allow src 10.xxx.yyy.yyy/24 port 80 dst 10.xxx.xxx.xxx port 80 deny all&nbsp;
i get error : 
Rule [/Common/irule-1] error: /Common/irule-1:1: error: [undefined procedure: allow][allow src 204.170.0.0/24 port 80 dst 204.170.25.11 port 80 deny all]
What is wrong in this.?  can some one point me in the correct direction. &nbsp;
regards
Sunil &nbsp;

sp_266134 · Answer

telnet,ping and tracert the VIP address shows could not open the connection to the host on port 80.&nbsp;

vijay_e · Answer

If you are not able to ping the VIP, something is wrong with the routing. I would recommend checking that first. Where do you have the NAT configured - on a firewall in front of the F5 ?&nbsp;

Forum Discussion

F5, virtual ip address port create irules for nated address.

2 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries HA

Need advise to setup a policy on F5

F5 Rseries R2600 Tenant sizing

Can iRule mask the payload content on event logs of security

Related Content

CSV to Address External Datagroup File

Decoding the IPv4 address from the persistence cookie

SNAT IP address logging

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

Restricting access to a virtual server by Public IP address should access through only domain name.