F5 vs. NetScaler - Outbound FTP traffic load balancing
Hello guys,
Me again. Please
Please, I would like to figure out what is happening in a NetScaler to F5 migration environment. Everything was fine until a FTP issue was reported. People inside the network were not able to transfer files via FTP towards servers in the Internet. I have a 0.0.0.0/0:0 wildcard server to load balance outbound traffic to the Internet across three ISPs. There is no device between the Internet routers and the F5 HA (11.2.1) deployment. I think that there is no issue in connectivity due to the user can open a session in the FTP server by using command line; indeed, the port can be opened from the workstation inside the network. But, there is no chance to transfer files by using an FTP app. I have sniffed the FTP traffic in the firewall and the F5 HA system and compared the .cap files to the NetScaler captures. I have seen that with NetScaler the client sends the PASV command and the connection is established and everything works fine. On the other hand, with F5 the client tries to establish the connection in active mode and it always do that. First, I thought that there is an application layer issue, but I changed my mind when I saw the captures and realized that the PASV command was not being sent when using F5 whereas in NetScaler such command is sent.
Do I need to configure an 0.0.0.0/0:21 virtual server to overcome this as it said in http://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-1-0/21.html ? It is supposed that the wildcard (0.0.0.0/0:0) must handle this kind of traffic without problems.
Thanks in advance for your help.
Regards
George