ASM Virtual server vlan configuration.

Question

Hello All,&nbsp;
We are planning to deploy ASM to monitor application traffic. Application servers are in internal VLAN. No app server in DMZ. Only option I think is VIP(virtual server) to be created in internal vlan and map app servers to VIP so that both are in same VLAN.
Hence, External user uses public IP which is NAT to F5 VIP(internal VLAN) and from F5 VIP to internal APP server.
But risk here is we can not allow externals to access internal VLAN directly. If F5 VIP(internal VLAN) compromised it will risk entire internal network.&nbsp;
we have other applications in DMZ VLAN for which we don't face any issue. But for this particular application servers in DMZ is not an option.
Is this understanding correct or am I missing anything here? Please help.&nbsp;

richard_karon · Answer

what is your preferred configuration?

Forum Discussion

ASM Virtual server vlan configuration.

1 Reply

Recent Discussions

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Chrome V 124+ on MacOS - Virtual Server Access Issue

Related Content

Check a Virtual Server's SSL Status

Virtual Server graphical App for F5 LTM

virtual server config

Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server