DirectAccess with F5 as external load balancer
Hello folks, I'm trying to implement DirectAccess using F5 as external load balancer but I can't find any details on how it should be configured in the entire Internet! It is a very simple implementation with 2 DirectAccess servers each 1 with NIC. A public IP is NATted to F5 and from there traffic should be load balanced to the DA servers. But that is not working. I have configured a pool with both DA servers and assigned it to a virtual server with both client and server SSL profiles assigned. I have done this before using Netscaler. In that scenario I just had to create a SSL Bridge Virtual Server with SSL Session persistence and it worked fine. Any documentation available or any kind soul that can provide some insight? Thanks Felipe387Views0likes5CommentsIPHTTPS with DirectAccess Not working with F5
I am helping a client implement DirectAccess 2012 using IPHTTPS as the Protocol. The setup is ISP Firewall----Client Firewall------F5 (Big IP) ----DA Servers---Internal Network. The ISP is doing 1-1 NAT for the Public IP Addresses to the Client’s Firewall to an internal range. Then the traffic is forwarded to the F5 and then DA. The setup works fine when using DA with a single Server configuration. I can connect and access internal resources but when I enable External Load Balancer with a standard SSL Forwarding to the DA, the setup never works. I am NOT terminating the SSL on F5. The Servers are pointing to the internal IP of F5 as DG. Also, one thing that I am confused about is where to use the VIP which is created at the time of DA ELB Wizard. I have four Servers with 10.20.4.41, 42,43,44 and when I run the Load Balancing Wizard, it upgrades the 41 IP as VIP and I have to use 45 as the DIP but since F5 only requires the Self IP but no VIP. Where exactly do I use this IP which is on the same Network as the DA Server’s external Interface? I am using Performance L4 profile on the F5.Solved778Views0likes12Comments