NimbostratusHello everyone
I need a pool of servers to make outbound connections with a Snat and a different route than the default route of the BIG-IP. They have some recommendation or good practices to do this. We have tested with Snat but we did not succeed.
Thank you!
CirrostratusHi, First the servers must point to BIG-IP as default gateway. Configure static routes or run a dynamic routing protocol of the BIG-IP.
HTH.
NimbostratusThanks for the reply.
The servers have as DG the Self-IP of the BIG IP. But additionally I need these servers to have internet connection and do so with a Snat, and the connection to the internet is for a FW not for the BIG-IP.
Regards!
CirrostratusIf the traffic from internal servers outbound is to the internet, then a default route is what you need. Why don't you want to use that? Do you have a "Forwardinf IP" wildcard (0.0.0.0:0)virtual server type on the internal VLAN to process the internet traffic from the servers? If you have one in place share the output of "tmsh list ltm virtual "
NimbostratusHi Eben,
I have a default route, but this route is different from the route that the servers have to use for outbound internet traffic.
So I need 2 routes: -One for outgoing internet traffic. -The route for traffic to customers. (current DR).
Thanks for the reply.
NimbostratusHi, First the servers must point to BIG-IP as default gateway. Configure static routes or run a dynamic routing protocol of the BIG-IP.
HTH.
NimbostratusThanks for the reply.
The servers have as DG the Self-IP of the BIG IP. But additionally I need these servers to have internet connection and do so with a Snat, and the connection to the internet is for a FW not for the BIG-IP.
Regards!
NimbostratusIf the traffic from internal servers outbound is to the internet, then a default route is what you need. Why don't you want to use that? Do you have a "Forwardinf IP" wildcard (0.0.0.0:0)virtual server type on the internal VLAN to process the internet traffic from the servers? If you have one in place share the output of "tmsh list ltm virtual "
NimbostratusHi Eben,
I have a default route, but this route is different from the route that the servers have to use for outbound internet traffic.
So I need 2 routes: -One for outgoing internet traffic. -The route for traffic to customers. (current DR).
Thanks for the reply.
CumulonimbusHi Pzamberlan,
you have to respect this requirement:
Create an VS (L4) with this vs IP: 0.0.0.0:443 or 0.0.0.0:* if you need more port (you can also create multiple vs depending port you need).
In the VS settings you have to uncheck "Port Translation" and "address ranslation".
If you want to monitor your GW (pool memeber) you have to create it as transparent. but for the momenet don't set any monitor until you validate your oubtound service.
Keep me in touch.
Regards