Using BIG IP LTM on a internal only network, for management and load balancing

Question

I cannot find the documentation on how to do this.&nbsp;
I have a network where the traffic coming in and coming out is on the same network. I have idea how to setup the LTM so I can use it and manage it from the network.&nbsp;
I ran the config command from the cli and went through the setup of ip/netmask and gw. After that I was able to get to the gui and setup everything else, I created nodes, added them to apool and assigned a pool to a VS. No traffic was hitting my servers when I tried the VIP, then I found the selfIP portion but it looks like it cannot be overlapping with the management IP.&nbsp;
I am not clear on what is the point of the self IP, and also can it be used for management?&nbsp;
I simply want to be able to have a management port on 192.168.69.50, and have traffic be routed to other machines on the same subnet if I hit the VIP address.&nbsp;

patrik_jonsson · Answer

Hi!
You need to have at least one self IP where the traffic can come in. The management interface is solely for management traffic and can't be used for actual traffic.&nbsp;
If I were you I'd do it this way:&nbsp;
Connect to the management interface via console (if it's a virtual machine) or directly to the management port if it's a physical machine.Configure a temporary ip for management, ie 10.0.0.1 (this will not be used later)Then create a self IP via tmsh:
tmsh create net self selfipname address 192.168.69.50/24 allow-service default vlan External&nbsp;
Replace selfipname with then name you want for the self IP (only used for labeling purposes)&nbsp;
Now you should be able to connect to the IP you chose and manage the BigIP while traffic will reach your VIPs.&nbsp;
Let me know if my instructions were not clear.&nbsp;
Good luck!&nbsp;

gleb_zverinskiy · Answer

Thanks you for the help, I was able to set it up and get it working.&nbsp;
1) reset all network configuration 
http://support.f5.com/kb/en-us/solutions/public/13000/100/sol13127.html
2)configure the management ip to some address that is not used(192.168.150.2)
3)Use a linux machine and create a virtual nic on the same subnet
ifconfig eth0:1 192.168.150.3 netmask 255.255.255.0
4)use web browser from that linux machine to login in to the f5 gui
5)configure internal vlan and self ip
Configuration 
Name 192.168.69.50
Partition / Path Common
IP Address 10.110.81.30
Netmask
VLAN / Tunnel
Port Lockdown
Traffic Group
 Inherit traffic group from current partition / path
6)test by loggin into the self IP, I was able to reach the gui
7)created a test server using iApps template f5.http, and was able to hit my webserver using the VIP I created&nbsp;

Forum Discussion

Using BIG IP LTM on a internal only network, for management and load balancing

2 Replies

Recent Discussions

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Related Content

Using F5 for load balancing internal traffic

Active/Active load balancing examples with F5 BIG-IP and Azure load balancer

Minimizing Security Complexity: Managing Distributed WAF Policies

Practical considerations for using Azure internal load balancer and BIG-IP

NGINX Management Suite API Connectivity Manager - Modern API driven Applications