DNS and WAF on the same box

Question

Dear Pros:
I have a Bigip provisioned  with DNS and WAF in the same box, When I add the vs_WAF as a wide ip "A record", the listener reply with the private IP from the vs_WAF, thats sound as a logical answer, as the listener is not aware of the public IP address I pretend to reply for DNS queries.
Now my question is, What is my best bet to answer to DNS queries with the public IP address of vs_WAF configured as NAT in the firewall?
note:The WAF´s public side is in the DMZ subnet of a Firewall.
host---&gt;LDNS----&gt;Autoritative DNS---&gt;Firewall---&gt;[F5 DNS Listener + vs_WAF]---&gt;NLB Private IP&nbsp;
I would like to avoid dealing with route domains with DNS and WAF in separate RD.&nbsp;

petewhite · Answer

K14707: Configuring BIG-IP DNS server objects for BIG-IP devices that reside behind a firewall NAT&nbsp;

Forum Discussion

DNS and WAF on the same box

1 Reply

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Using F5 Distributed Cloud DNS Load Balancer health checks and DNS observability

Logging of DNS Requests and Responses without a DNS license

Logging DNS Requests

ESRP Strategies: DNS Water Torture Attack

GSLB Split DNS by iRule