F5 DNS Configured behind Firewall but not working as expected

Question

Hi All,&nbsp;
I have configured F5 DNS which is connected behind firewall to serve DNS. Firewall is doing NAT and translated to private IP addresses.&nbsp;
Clients --&gt; FW (NAT) --&gt; F5 DNS ---&gt; VIP (private ip)&nbsp;
I have configured servers with private ip 10.1.1.1 and 20.1.1.1 with translation IP address (public) 62.1.1.1 and 72.1.1.1.on GSLB Servers--&gt; Virtual servers, I have dded VIP's NAT address as translation address.
After above configurations i have tried nslookup from internet and i am getting private IP address as DNS response. I am expecting VIP's translation address as DNS response but in my case it is not.&nbsp;
Can some one help please.&nbsp;
-&nbsp;

only1masterbla1 · Answer

on GSLB Servers--&gt; Virtual servers, VIP should have external IP and translation address should be internal IP (real IP). Is it configured this way?&nbsp;

nathe · Answer

From the following solution Configuring BIG-IP DNS server objects for BIG-IP devices that reside behind a firewall NAT the Address will be the Public IP address that is returned to the external client. The Translation address is the internal VIP, private IP address.&nbsp;
Hope this helps,&nbsp;
N&nbsp;

Forum Discussion

F5 DNS Configured behind Firewall but not working as expected

2 Replies

Recent Discussions

BIG-IP Next

GTM Design | LTM+ ASM+GTM on same VM

Inquiry on F5's Maintenance Mode Feature for Pool Members

F5 APM with OIDC Web Duo Prompt

Inquiry on F5's Maintenance Mode Feature for Pool Members

Related Content

F5 AFM/Edge Firewall and the difference between Edge Firewalls and Next-generation Firewalls (NGFW)

Configuring BIG-IP AFM firewall policies and rules with Ansible

Integrating SSL Orchestrator with CheckPoint Firewall VM-Explicit Proxy

LTM VE behind Sophos Firewall deployment - configuration/setup question

ANSIBLE Configuration of a firewall rule list to be added on desired position in the firewall policy