Forum Discussion
1 Reply
- Lee_SutcliffeNacreous
You can use an IP forwarding virtual server to effectively turn your F5 into a router. F5 is a deny by default device, but a Forwarding VS on 0.0.0.0/0 will accept any traffic and forward it to onward destination.
Additionally you can make the forwarding VS only forward traffic that is sourced from a particular network and only forward traffic matching a particular subnet such as 10.10.0.0/16
So for an example, you might want to have a forwarding VS on an interface permitting web servers outbound internet access. Or you might want to allow users to connect through the external interface and be forwarded to web servers in the internal interface.
As for traffic flow, as mentioned before, F5 treats the flow much like a router (especially if loose initiation is configured in the TCP profile) The connection is not proxied like it would be for a traditional (standard VS) so is not terminated on your F5
Further reading can be found here: https://support.f5.com/csp/article/K7595