VIP forwarding with only F5 BIG ASM

Question

Hello Community,
In my client, we have a virtual edition of a F5 BIG ASM (without LTM) and we need to F5 route the nodes request to other networks. The nodes have a F5 as default gateway but, when they try to go out, the comunication dont pass the F5. My question is F5 with only F5 BIG ASM (without LTM) have the posibilty to have a VIP forwarding? With other appliance with LTM dont have these problem, these is the first time that i see these behavior.&nbsp;
The Hypervisor is Huawei Open Cloud and we use the KVM iso.&nbsp;
Thanks&nbsp;
Christian García&nbsp;

youssef1 · Answer

Hi&nbsp;
you do not need to have LTM for FW traffic.&nbsp;
You confirm the following point:&nbsp;
Create a wildcard VS 0.0.0.0:* (L4)uncheck "Address Translation" and "Port Translation"In your pool you have to set a node that will be the GW of F5 (1.2.3.4:*)Don't forget to set snat automap
Using TCPDUMP check that client request reach F5 on self IP (or floating IP if you have a cluster):&nbsp;
tcpdump -nni 0.0 host client-ip and host self/floatingIP&nbsp;
Regards&nbsp;

Forum Discussion

VIP forwarding with only F5 BIG ASM

1 Reply

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Pricing when used with aws waf

F5 terminal - help to run commands - disk space full

import live updates from version x to version y

Tenant image upgrade

Related Content

Bidirectional Forwarding Detection (BFD) Protocol Cheat Sheet

F5 DNS Forwarding

Nodes forwarding

X-Forwarded-For on L4 VS

TCP Option 28 X-Forwarded-For Header