F5 DNS behind a paloalto firewall

Question

I'm looking for documentation for using F5 DNS behind a paloalto firewall in 2 sperate data centers. F5 has no public IP addresses, I am NATing the External IP address for a virtual server with the PAN. The listeners are also NATed. When I make a DNS query to the public IP for the listener it resolves but with only private IP addresses of the virtual servers.  F5 DNS and LTM are on the same system.

jsipes · Answer

Got it! You have to create the VS in DNS&gt;&gt; GSLB: Servers: Server List &gt;&gt; Virtual Servers and fill out the Translation Address with Private IP and the address with the public IP.  Letting DNS discover the Virtual Servers does not let you change the address.  Turn off discover and add them manually.

Forum Discussion

F5 DNS behind a paloalto firewall

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

F5 AFM/Edge Firewall and the difference between Edge Firewalls and Next-generation Firewalls (NGFW)

Deploy F5 and PaloAlto in Azure with this demo

Integrating SSL Orchestrator with CheckPoint Firewall VM-Explicit Proxy

Integrating SSL Orchestrator with CheckPoint Firewall VM-Bridge Mode (L2)

BIG-IP Advanced Firewall Manager (AFM) DNS NXDOMAIN Query Attack Type Walkthrough - part two