Forum Discussion

Nimbostratus

Sep 19, 2018

Assign a specific subnet address to user for snat.

How to assign a specific subnet address to user for snat, just as following: when CLIENT_ACCEPTED { if {[class match [IP::client_addr] equals data_group]} { snat 10.1.1.0/24* or 10.1.1.0...

Employee

Sep 19, 2018

What I assume you're trying to do is assign a full subnet as the set of available SNAT addresses (10.1.1.1 - 10.1.1.254), and if so, you cannot do it this way.

You could probably programmatically expand the subnet values in the iRule, but the more optimal solution would simply be to create a SNAT pool with the desired IPs. You could even script this:

!/bin/bash 

tmsh create ltm snatpool snatfoo members add { 10.1.1.1 }
for i in {2..254}; do tmsh modify ltm snatpool snatfoo members add { 10.1.1.$i }; done

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Assign a specific subnet address to user for snat.

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

JSON Web Key Set Endpoint

Related Content

APM variable assign examples

MAC address assignment in F5

Virtual address from address list is down after assignment to VS

APM-Specific Features for Securing Your Website

Mitigating OWASP API Security Risk: Mass Assignment using F5 BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS