Forum Discussion

wjw_313334's avatar
wjw_313334
Icon for Nimbostratus rankNimbostratus
Sep 19, 2018

Assign a specific subnet address to user for snat.

How to assign a specific subnet address to user for snat, just as following:   when CLIENT_ACCEPTED { if {[class match [IP::client_addr] equals data_group]} { snat 10.1.1.0/24* or 10.1.1.0...
application delivery
iRules
LTM
Kevin_Stewart's avatar
Kevin_Stewart
Icon for Employee rankEmployee
Sep 19, 2018

What I assume you're trying to do is assign a full subnet as the set of available SNAT addresses (10.1.1.1 - 10.1.1.254), and if so, you cannot do it this way.

You could probably programmatically expand the subnet values in the iRule, but the more optimal solution would simply be to create a SNAT pool with the desired IPs. You could even script this:

!/bin/bash 

tmsh create ltm snatpool snatfoo members add { 10.1.1.1 }
for i in {2..254}; do tmsh modify ltm snatpool snatfoo members add { 10.1.1.$i }; done