Forum Discussion

Nimbostratus

Apr 13, 2011

Access to internet - issue from internal VLAN with SNAT

I need to configure an F5-LC to permit the hosts in the Internal VLAN have access to internet, and trying to use a SNAT: · SNAT_Lab o ...

Nimbostratus

Apr 14, 2011

Hi JB,

a couple of things:

1) set the SNAT to automap - once we get it working you can then use your own SNAT addresses (which will usually be IP's on the external VLAN, not of another device!)

2) Set the VLAN traffic to the internal VLAN ONLY

3) If you must use a virtual server for the outbound traffic it'll be a wildcard VS (0.0.0.0:*) to allow all traffic out. The pool will be the gateway(s) of the BigIP. You also need to turn off address and port translation of the VS in this configuration (to send traffic THROUGH rather than TO the gateway).

Hope this helps!

If you're still stuck, take a tcpdump!

Chris

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Access to internet - issue from internal VLAN with SNAT

Recent Discussions

F5 - AS3 - BIGIQ / BIGIP SchemaVersion Missunderstanding

F5OS API - not able to create vlan

F5 APM - limiting access to the bandwidth for network Access

Change LB priority based on status

High CPU utilization (100%).

Related Content

2 internal server vlans

Unbreaking the Internet and Converting Protocols

F5 APM VPN Choking Internet Bandwidth

Create isolated environment for internal and external networks

specific internet source IP & internal IP allow

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS