Forum Discussion
nitass_89166
Noctilucent
I can see an SMTP request from the DMZ SMTP server to another server hit the F5 on the DMZ vlan interface by doing a tcpdump. I don't see it exit the box on the other vlan interface that faces the internet firewall.
if route is there, you should see egress packet. if you want, you can try wildcard performance layer 4 virtual server (instead of wildcard ip forwarding virtual server) and use gateway (192.168.120.254%1:any) as a pool.
when you did not see packet out, did you see reset? if yes, you may try to log reset cause.
sol13223: Configuring the BIG-IP system to log TCP RST packets
https://support.f5.com/kb/en-us/solutions/public/13000/200/sol13223.html
flicky2000_1616
Jun 05, 2015Nimbostratus
no RST seen. This is the tcpdump from the DMZ vlan on the F5: