Forum Discussion

cpatte7372_2378's avatar
cpatte7372_2378
Icon for Nimbostratus rankNimbostratus
Dec 18, 2015

Unable to Communicate Web Console or Access Virtual Web Servers for BIG-IP LTM

Hello All,

 

My first posting here.

 

I'm practising BIG-IP LTM using the VE edition with vSphere Client on ESXi5.5. I'm following the CBT Nuggets. The video shows on how create a BIG-IP LTM lab using VM Workstation. However, as I've just mentioned, I'm using vSphere on ESXi5.5

 

I have configured my ESXi.5.5 as follows:

 

The above says Workstation, but its ESXi5.5

 

 

The configuration on my ESXi5.5 looks as follows:

 

My PC has an interface in VMnet0 and has an IP address 192.168.1.3/24. The BIG-IP has an external address of 192.168.1.145 and an internal address of 10.2.0.145(There is also a management address of 10.1.0.145, but we don't have to worry about that for now.)

 

I can ping 192.168.1.145 from my PC but I can't ping any of the servers 10.2.0.11, 10.2.0.22 or 10.2.0.33. Furthermore, the F5 also can't ping any of the servers from its external address 192.168.1.145.

 

Can someone please tell me where I'm going wrong?

 

Your help will be much appreciated.

 

Cheers

 

Carlton

 

application delivery
BIG-IP
LTM

1 Reply

Sort By
  • StephanManthey's avatar
    StephanManthey
    Icon for MVP rankMVP
    Dec 20, 2015

    Hi Carlton,

     

    a virtual server will respond to an ICMP echo request (as long as you are not disabling it in the virtual address properties).

     

    So do self IPs. In both cases the ping will be answered for IPs bound to the inbound VLAN only. Thats why your external client cannot ping the internal self IP of 10.3.0.145.

     

    As long as your virtual server is of type host (/32 address range) and has destination address translation enabled it will not be able to forward ICMP echo requests to your pool members. This can be done by using forwarding virtual servers only with ANY protocol enabled and using SNAT supporting ANY protocol as well (global setting).

     

    In your environment the BIG-IP should be able to ping the real servers from its internal self IP i.e.:

     

    10.3.0.145/8 <-> 10.2.0.11/8

     

    Btw, I´m wondering about the network configuration as the IP ranges of management interface and internal network overlap. This cannot be configured (without using routing domains).

     

    In case you are using /24 subnets you want to configure a route (network -> routes) to describe the next hop how to reach the internal servers.

     

    ESX 5.5 should be fine generally. Your internal switches are configured accordingly?

     

    Thanks, Stephan