Forum Discussion

Nimbostratus

Sep 19, 2018

Assign a specific subnet address to user for snat.

How to assign a specific subnet address to user for snat, just as following: when CLIENT_ACCEPTED { if {[class match [IP::client_addr] equals data_group]} { snat 10.1.1.0/24* or 10.1.1.0...

Employee

Sep 19, 2018

What I assume you're trying to do is assign a full subnet as the set of available SNAT addresses (10.1.1.1 - 10.1.1.254), and if so, you cannot do it this way.

You could probably programmatically expand the subnet values in the iRule, but the more optimal solution would simply be to create a SNAT pool with the desired IPs. You could even script this:

!/bin/bash 

tmsh create ltm snatpool snatfoo members add { 10.1.1.1 }
for i in {2..254}; do tmsh modify ltm snatpool snatfoo members add { 10.1.1.$i }; done

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Assign a specific subnet address to user for snat.

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Managing iRules configuration

Recommendation for Adv. Lab

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

How to configure ssh access by key on F5OS

F5 BIG-IP DNS/Audit Logs — Structured Format for SIEM Ingestion

Related Content

APM variable assign examples

MAC address assignment in F5

Virtual address from address list is down after assignment to VS

F5 Distributed Cloud - Traffic Steering based on Client IP Address

Deny access to F5 management from specific addresses

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS