Virtual IP one way

Question

Just trying to understand the difference between Virtual IP and Nat IP&nbsp;
I have a vlan 50 that routable in my network and vlan 51 thats not&nbsp;
I create a virtual IP with vlan 50 and a node thats on vlan 51
From the node I can ping other virtual F5 vlan 50 IP on itself but cant ping any vlan 50 outside the F5&nbsp;
But if I create a NAT with inside and outside of 51/50,From the vlan 51 IP I can ping all vlan 51 IPs on the network.&nbsp;
Why is that? Is virtual IP only 1 way?&nbsp;

andreas_lamprec · Answer

LTM does not forward any IP packets for traffic it is not "responsible" for.
If you create a VIP on a port, LTM will forward traffic for this VIP/port to the backend servers. But any traffic from that backend servers to anywhere on the "other side" of LTM is not forwarded by default.&nbsp;
You need to create a "Traffic forwarder" virtual server which is of type "forwarding (IP)" and reacts to 0.0.0.0/0.0.0.0 as Destination Network on "* All Ports" and for "* All Protocols".
This virtual server has then be enabled on all vlans where you want the LTM to forward traffic.&nbsp;
As a last step, you need to route your VLAN 51 network to the VLAN 50 address of LTM and also put the VLAN51 address of LTM as default gateway on the nodes in VLAN51.&nbsp;

Forum Discussion

Virtual IP one way

1 Reply

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire

Create F5 BIG-IP Next Instance on Proxmox Virtual Environment

Quick Optimizations for F5 BIG-IP Virtual Edition

Virtual Server graphical App for F5 LTM

Virtual-wire Configuration and Troubleshooting