Different Route's for Different Subnets on the same partition
Hi Guys, When someone set up our F5 they created multiple partitions for different segments. We are trying to reconfigure the F5 to all everything running from the common partition. We currently have our public wifi authentication happening via the F5 on a subnet 167.98.X.X/28. That is working fine because we have a route with 0.0.0.0/0 to the correct gateway. I also want to create VS with the subnet 10.205.1.X/24 Now we have the self ip's in place, and the Vlans are in the same route domain (0). The issue I am facing is I can get to the back end of the VS, however if I remove the default route for the public wifi and add the gateway for the 10.205.1.x network I can then access that but not the public Wi-Fi. Can anyone help or provide a suggestion as to how I can get both subnets working on the same partition?
vCMP Host and Guest Communication
Hi All, I'm having some difficulty with some pre-testing that I'm doing for a vCMP Host - Guest design and hoping somebody here could steer me in the right direction. Basically, the deployment is very restrictive in terms of isolation so for each environment (UAT/PPD/PRD) we have presentation, abstraction and database networks. Due to the restrictive nature of the deployment where each environment network needs to be firewalled off (L3 gateway for each subnet is the firewall), the only way I have found to achieve the isolation restrictions is to create 3 x RDs per administration partition referencing each environment and defining a unique RD default gateway for each subnet for each environment. What I'm wanting to do is some pre-testing to verify my configuration by creating a self IP on the vCMP host in each VLAN for each environment and verify that the strict isolation requirements are working and that I can ping from a specific RD on the guest to an IP address in a different network on the vCMP host. I can ping from the vCMP guest to each of the self IP addresses defined on the vCMP host, confirming that the VLANs are presented between vCMP host and guest. The problem is that I never get an echo reply back from the vCMP host when trying to ping outside of the local route domain subnet. An example: UAT Presentation network is 192.168.8.0/24, can ping 192.168.8.1 on vCMP host (VLAN 180) (self IP 8.252, floating IP 8.254). I can ping from host to vADC and vADC to host ok. (route domain 8) UAT Abstraction network is 192.168.9.0/24, can ping 192.168.9.1 on vCMP host (VLAN 190) (self IP 9.252, floating IP 9.254). I can ping from host to vADC and vADC to host ok. (route domain 9) What fails is pinging from route domain 8 to the vCMP host IP 192.168.9.1. If I tcpdump on the vCMP host, I see the echo request come in on the Presentation network interface on the vCMP host but never get a echo reply. Update: I'm guessing but I think my issue is that I'm trying to route through a self IP/floating IP. The only way this would work is if I had a forwarding VIP setup in the appropriate zones and that IP address was used as next hop right? I don't think this could work as vCMP host is dedicated to vCMP only and isn't running LTM. Therefore I cannot define a forward VIP and this testing is flawed. Can somebody please verify that my comment is correct? Would be hugely appreciated. Cheers, Andy.