Forum Discussion
Hamish
Jun 18, 2008Cirrocumulus
Are you talking connections into the servers from external, or connections being initiated by the servers?
Easiest way is to ensure that all traffic passes through the F5...
However if you get creative you can ensure that outbound connections from servers to external where only the packets from external to internal pass through the F5 work by using loose open/loose close in the protocol (TCP/SCTCP/UDP/Either) profile on the VS that is hit for the return traffic... (Otherwise the packets get dropped because they're not following the usual SYN/SYNACK/ACK sequence).
The other thing to watch for is asymmetric routing... Asymmetric routing doesn't work on F5 unless you disable the PVA (And also requires asettingin the DB IIRC).
H
H