Forum Discussion
davidfisher
Aug 11, 2018Cirrus
My Working Config
POOLS USED:
root@(bigip1)(cfg-sync Disconnected)(Active)(/Common)(tmos) list ltm pool ftp-port21-only
ltm pool ftp-port21-only {
members {
10.1.20.100:ftp {
address 10.1.20.100
session monitor-enabled
state down
}
}
monitor gateway_icmp
}
VIRTUALS SERVERS
The initial VS 1 which is required in the config to offload the SSL and no pool
root@(bigip1)(cfg-sync Disconnected)(Active)(/Common)(tmos) list ltm virtual SSL-FTP
ltm virtual SSL-FTP {
destination 10.128.10.102:ftp
ip-protocol tcp
mask 255.255.255.255
profiles {
ftp-ssl-profile {
context clientside
}
ftp-tcp-profile { }
}
rules {
ftp-ssl-irule
}
source 0.0.0.0/0
translate-address enabled
translate-port enabled
vs-index 15
}
The Second VS needed on a different unused IP
root@(bigip1)(cfg-sync Disconnected)(Active)(/Common)(tmos) list ltm virtual ftpvs2
ltm virtual ftpvs2 {
destination 10.128.10.103:any
ip-protocol tcp
mask 255.255.255.255
pool ftp-port21-only
profiles {
tcp { }
}
rules {
ftpvs2
}
source 0.0.0.0/0
translate-address enabled
translate-port disabled
vs-index 17
}
The third VS with the pool again.
root@(bigip1)(cfg-sync Disconnected)(Active)(/Common)(tmos) list ltm virtual FTP-all-ports
ltm virtual FTP-all-ports {
destination 10.128.10.102:any
ip-protocol tcp
mask 255.255.255.255
pool ftp-port21-only
profiles {
ftp-ssl-profile {
context clientside
}
tcp { }
}
rules {
ftp-port-read
ftpvs3
}
source 0.0.0.0/0
translate-address enabled
translate-port disabled
}
vs-index 16