Forum Discussion
NimbostratusBIG-IP LTM - Trouble with SNAT to Webserver (IIS)
Greetings,
First off I am pretty new to F5 and my team adopted some BIG-IP units that had already been configured. Basically there are 2 VLANs trunked in though a port channel. Each VLAN has 2 Self IPs, one local and one floating. There were also 2 SNAT pools configured, each with 5 IPs one for each VLAN. There was also a VIP on VLAN 2 pointing to a webserver also on VLAN 2 that is using the SNAT pool from VLAN 2. When I try to configure a new VIP on VLAN 2 pointing to a new webserver on VLAN 2 using the SNAT pool from VLAN 2, the connection fails. However the original VIP is working. Also when I switch the new VIP to use the SNAT pool from VLAN 1 that VIP starts working. Basically I need the new VIP to use the SNAT pool from VLAN 2. I ran some tcpdumps and the IPs from SNAT pool 2 never received a SYN-ACK response. Also from the IIS logs it appears there was never any connection from that SNAT pool. I also changed the pool for the new VIP to point to the same pool as the old VIP and the new VIP fails but the old VIP is still working.
I am not really what the next steps are in troubleshooting this issue and any help would be greatly appreciated.
Thanks, Scott
2 Replies
arpydaysFrom the cli do tmsh list ltm virtual xxx for both VSs and check for any differences when they point to the same pool.
scott_messler_1Virtual Servers are configured exactly the same, thanks for the tip though I've been trying to learn more about the tmos shell.
Update: I was able to connect in though SNAT pool 2 temporarily ~maybe for 5 minutes before it started rejecting connections again. I had not made any changes.
Thanks, Scott
