Forum Discussion
BigIP Remove the source address of host
Hi,
I have problem with F5 BigIp, i have created vip ip address (192.168.1.3) for two nodes (192.168.1.1 and 192.168.1.2)
any client ( example 10.1.1.1) access the virtual ip (192.168.1.3) will be shown at the servers as ip address of BigIp not the client address( 10.1.1.1), how can i let the BigIP show the ip address of host instead of ip address of self ip.
i have attached one photo for clarification
thanks BigIP expert :):):)
- nitass
Employee
first of all, i'm not an expert but just wann help if i can. :-) - al_kabeer_2905
Nimbostratus
hi and thx for reply, - Hamish
Cirrocumulus
SNAT is literally Source-NAT. Basically its telling the VS to act as a proxy... So the backend (Poolmembers) see the IP connection coming from one of the BigIP's addresses (Automap will use the floating self-ip of the interface that routes to the poolmembers). - al_kabeer_2905
Nimbostratus
when i put the snat none, the virtual server is not working - Hamish
Cirrocumulus
About 5 items below the SNAT option when configuring the Virtual Server. There's separate options for 'Address Translation' and 'Port Translation'. Select both. Then make sure the default gateway back to the client IP is via the F5 floating self-ip address that directly connects to the poolmembers. (I suspect that's already done, unless you were running the poolmembers in a kind of n-path configuration)I think it's more likely that the only thing wrong is your poolmembers are routing back direct to the client via a separate router, since it looks like you're running the F5 single armed (Sorry, can't see your picture, so no network diagram to verify)...
- nitass
Employee
- al_kabeer_2905
Nimbostratus
hi, in the attachment there is full diagram of what i am discussing - hoolio
Cirrostratus
As Nitass and Hamish have suggested, if you have the default gateway on 192.168.1.1 and 192.168.1.2 set to the LTM self IP on the 192.168.1.0/24 subnet, you can set SNAT on the virtual server to none and the servers will see the original client IP address. As Hamish said, make sure to leave (destination) address and (destination) port translation enable on the virtual server properties. - al_kabeer_2905
Nimbostratus
thanks Boss for yr reply i will try it and give my feedback - al_kabeer_2905
Nimbostratus
i have tried it i cant remote desktop or access http servers now , since i change the default gateway to ip of Bigip not coreswitch
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com