AFM rule match with actual internal IP or SNAT IP of virtual server?

Question

Any one suggest me? F5 at gateway connected to internet and acting as a firewall.

Virtual server : IP forward

Destination IP: 8.8.8.x

Source IP: 192.168.x.x

SNAT IP: 4.4.4.x

I need to build the AFM rules for this and apply to global context.

what is order of here, Flow will check the AFM rule or listener first?

nag · Answer

&nbsp;&nbsp;Hi&nbsp;Its the Global Context AFM rules first.Hope this Helps.&nbsp;Let me know if you have any questions.&nbsp;Nag&nbsp;

ironman · Answer

Thanks Nag,&nbsp;I have two questions, &nbsp;1, I have Virtual server : IP forward , is it act as listener or Virtual server? in Diagram i can see it is has to match listener?&nbsp;2, In case I have Standard virtual server, How this flow? is it same like, it is check the rule first and go for virtual?&nbsp;&nbsp;&nbsp;

ironman · Answer

Hi Nag, if i don,t have matching Listener virtual server for same flow with Global context rule allowed for same flow, what would be call?

Forum Discussion

AFM rule match with actual internal IP or SNAT IP of virtual server?

3 Replies

Recent Discussions

Import PKCS 12 SSL to Device Certificate via API/Script or CLI on BIG-IP

Help with URL Masking

F5 iRule to replace host to path

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5 Rseries R2600 Tenant sizing

Related Content

2 internal server vlans

After applied ASM Policy to Virtual Server, connections will reset with Internal error in log

Use BIG-IP LTM Virtual Server & iRule for an internal "What's My IP" website

Check a Virtual Server's SSL Status

iControl REST Cookbook - Virtual Server (ltm virtual)