Automap/SNAT when servers are on a different internal VLAN and VS's are on an external VLAN

Question

We deliberately place servers to be load balanced on an internal VLAN and VS's on an external. More and more frequently I have having to setup AutoMap or an SNAT pool because servers on the internal network want to use services provided by a different VS than the one they are on.&nbsp;
We also use iApps to try and get some level of consistency. To setup automap or SNAT you have to lie to the iApp and say the servers are a different network than they really are. Or you can write an iRule to SNAT the packet based on source and destination, but that's not something I tried yet.&nbsp;
What are others doing when the situation presents itself? Thanks in advance.&nbsp;

yann_desmarest · Answer

Hello,&nbsp;
When you configure automap on your VS, the source IP is translated by the best matching self ip floating or physical, there is an article that talk about precedence: https://support.f5.com/kb/en-us/solutions/public/7000/300/sol7336.html?sr=53737667&nbsp;
Regarding tbe ways to configure,I think you have one more using ltm policies.&nbsp;

Forum Discussion

Automap/SNAT when servers are on a different internal VLAN and VS's are on an external VLAN

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Same LTM Monitor applied to different Pools with Common Nodes

irule execution error

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

Curl 7.10.5 < 8.12.0 Integer Overflow (CVE-2025-0725)

Related Content

Kill SNAT AutoMap!

SNAT Automap

snat vs automap, whats the difference?

How to ensure source address and source port are accepted and traversed properly via F5 SNAT automap

TCP Internals: 3-way Handshake and Sequence Numbers Explained

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS