Forum Discussion

Varnisai_91012
Mar 24, 2017

Outbound traffic to internet from intranet

Hi, I need help configuring GTM for outbound traffic from intranet to an internet site. In our environment we generally configure the GTM to receive the incoming traffic from external users forwarded to internal sites. In this case the user or a service initiates traffic from our intranet to go to the external cloud-based service to get information/authenticated before the application is executed. I am planning for a combination of both GTM and LTM; please suggest if someone has done this and how.

 

4 Replies

  • Hi Varnisai,

     

    You may create a wildcard VS on F5 and have the gateway routers defined in the pool which will forward the traffic from your intranet to internet.

     

    You can also explicitly configure the source IP (of the user trying to access internet) on the VS configuration.

     

  • Hi Prince

     

    Thanks for the information. Looks like this will work only if we have to go out to internet via LTM; due to our security layers, we may have to go through GTM. It will be like the source initiates traffic to a URL; the flow will be:

     

    Source URL ---> DNS ---> GTM ---> internet

    I don't have LTM directly going to internet to configure the VS.

     

    The environment is a little tricky; let me know if you got this, or else I can try providing more info.

     

    It's like setting a proxy for outbound from a known source to a set of internet IPs

     

  • Hi Varnisai,

    You may configure a wildcard listener on GTM as well to forward the traffic.

    To configure a wildcard listener
    

    1. On the Main tab of the navigation pane, expand Global Traffic and then click Listeners. The main listeners screen opens.
    2. Click the Create button. The new listener screen opens.
    3. In the Destination box, type: 0.0.0.0.
    4. From the VLAN Traffic list, select a VLAN setting appropriate for this listener.
    5. Click the Finished button to save the new wildcard listener.

    Please refer to the link below for detailed information:

    https://support.f5.com/kb/en-us/products/big-ip_gtm/manuals/product/gtm_config_guide_10/gtm_listeners.html1012435

    Hope this meets your requirement.

  • Hi Varnisai,

     

    On LTM, we do have an option to limit the source on a specific VS configuration. However, I did not find a similar option on GTM.

     

    Considering the restriction in your environment, I would suggest creating an iRule to map it with this wildcard listener which should allow connection only from a specific source.
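
One way to write the source-restricting iRule suggested in the last reply, as an added example that was not posted by anyone in this thread. It assumes the wildcard listener accepts an iRule that fires the CLIENT_ACCEPTED event, and that an address-type data group with the hypothetical name allowed_outbound_sources holds the permitted intranet sources.

```tcl
# Added example, not from the thread.
# Assumptions: the listener runs CLIENT_ACCEPTED iRules, and an address-type
# data group named allowed_outbound_sources (hypothetical name) lists the
# intranet hosts or subnets allowed to go out, e.g. 10.20.30.0/24
# (constructed value).
when CLIENT_ACCEPTED {
    # Default deny: only sources found in the data group may pass
    # through the 0.0.0.0 wildcard listener.
    if { ![class match [IP::client_addr] equals allowed_outbound_sources] } {
        # Log the refused source and the destination it tried to reach,
        # so unexpected outbound attempts are visible in /var/log/ltm.
        log local0.warning "outbound listener: refused [IP::client_addr] -> [IP::local_addr]"
        # Discard silently; use "reject" instead to signal the refusal
        # back to the client.
        drop
        return
    }
}
```

Keeping the allowed sources in a data group means the list can be changed without editing the iRule, and the log line gives a record of hosts that tried to use the listener without being on the list.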