Forum Discussion

Nimbostratus

Jan 15, 2009

VNP Configuration Behind Link Controller

Hi, Just wondering , has anyone done a VPN termination which terminates on a firewall behind an F5 link Controller. I think that my configuration is Ok but the IKE tunnel is always in MM_WAIT_...

config

design

JRahm

Admin

Jan 16, 2009

port usage for nat is tricky based on many factors, including whether your firewall is the initiator or the responder, or possible to be both. You may need a default forwarder 0.0.0.0:0 outbound from your firewall connected vlan unless you know all your peer endpoints, but you might get by with 500/4500 udp ports enabled in both directions. I doubt this will cover every scenario, however, because whereas a stateful firewall will build the chain to return a packet sourced to your allowed destination (in this case, 500/4500), the LTM will not.

Forum Discussion

VNP Configuration Behind Link Controller

Recent Discussions

Disk space full - what files, folders are safe to delete?

ASM instance creation

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

Related Content

JWT authorization with NGINX Ingress Controller

Distributed caching of authentication requests with NGINX Ingress Controller

API Security: How to implement API Access Control with F5

Overview of API Access Control and implementing API key access control with BIG-IP APM

Using BIG-IP Kubernetes Gateway API Controller