Forum Discussion
kwkyiu_53019
Aug 01, 2008Nimbostratus
Posted By hamish@travellingkiwi.com on 07/31/2008 5:06 AM
Funnily enough I've been pondering a similar situation... Except with front-end and backend F5's and requiring de-NAT'ing at the backend... I think iRUles won't doit, but one thing I thought of was to use ssh (Available in the Linux OS of the F5) to create a tunnel between the two ends... Then you should be able to doit without any NAT or SNAT (Hmm... Didn't consider whether last-hop would work with that yet, or how performance would go).
Deb... What's the chances of an RFE giving us tunnels between pairs of F5's?
H
Thanks for your idea. It's a great idea to use tunnels to make this possible, but it have to be port by port and pass tcp packet only. Although we most likely will use tcp only but the port number is random. It hard to pre-open all the ports.