Forum Discussion
Les_54346
Feb 06, 2009Nimbostratus
Hi everyone,
I'm new to the f5 scene, as this post will make obvious, and have searched for an answer to my question for a couple of hours before tagging this question onto a likely thread: sorry if it's misplaced.
Tacking onto the above: we have a cluster of BIG-IP 6400s which have multiple VLANs on a single internal interface. The problem is that the boxes were purchased and set up with the VLANs "sold" as DMZs. Unfortunately the f5s route between the so called DMZs via the trunk interface, therefore making the whole setup unsafe. We are considering purchasing firewalls to put behind the f5s to separate the VLANs, which seems a little expensive.
Thus to my question: is there an easy configuration which switches off all routing between VLANS on the same internal interface of the f5? If there is a more complicated way, could someone give me a pointer so that I can go and talk to our networkers (me, I'm just a project manager, so the answer I received that there's no way to switch of the routing or limit it simply stands unless I receive information to qualify it).
As far as the boxes go, I'm pretty pleased with the result, but the possible purchase of additional firewalls certainly questions the economic viability of investing in further boxes.
Best regards and thanks for all suggestions in advance
les