BIG-IP : SNAT necessary if device is only gateway to internet ?
F5 BIG-IP Virtual Edition v11.4.1 (Build 635.0) LTM on ESXi
Our production BIG-IP devices are configured with virtual-servers with VIPs on public internet.
Backend sites/services are on internal subnet and have no route to internet other than through BIG-IP.
In this scenario is enabling SNAT necessary for backend sites/services to route response ( through BIG-IP ) to original client ( browser on www ) ?
Or are other mechanisms available ?
EDIT : More precisely, our backend servers are web-servers hosting various micro-sites & micro-services. In fact, some that require internet access ( to retrieve data from 3rd-party services such as Google Maps or Facebook ) do have their default gateway pointing to a forward-proxy-server we maintain specifically for that purpose. Others have their default gateway pointing to an internal switch ( no path to the internet ). AFAIK, no servers are configured with default route/gateway pointing to BIG-IP Self-IP.