APM SSL VPN - Internet Access Issue

Question

We currently have an F5 configured using the APM/LTM with an SSL VPN for corporate users. &nbsp;
To get internet access, the users currently use a proxy which is defined in the network access profile, split-tunneling isn't used and is not an option.  We want to move away from the proxy and use a FW with URL filtering for internet access.  However, the users also have VOIP software for phone calls so there is no SNAT on the NA profile.  Removing the proxy configuration breaks the internet access as the source IP is the internal DMZ range which is blocked on the DMZ FW. There is a default gateway on the F5 for external networks via the DMZ FW, however as it is not Natted it gets blocked.&nbsp;
Is there any way to get the source IP natted for internet access via the external interface on the F5?  
&nbsp;

iaine · Answer

Hi John&nbsp;
Have you tried using forwarding layered vips for this?&nbsp;
I guess it depends on whether you can make the different destination determinations as to whether this could work&nbsp;

Forum Discussion

APM SSL VPN - Internet Access Issue

1 Reply

Recent Discussions

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Chrome V 124+ on MacOS - Virtual Server Access Issue

Related Content

Federated AWS Console Access Made Easy: F5 BIG-IP Access Policy Manager Access Guided Configurations

Regex issue

Issue accessing web servers through F5 setup on vmware lab environment

F5 APM VPN Choking Internet Bandwidth

F5 GTM resolution issue