Configuration: VS + SNAT

It looks as if your SNAT configuration would only work for internal clients trying to make a connection outbound. The SNAT listener created seems to only be listening for internal IPs and thus any connections from external IPs would have no translation. My suggestion would be to create a SNAT object and configure it to listen for all IP addresses but limit it to the Internet facing vlan. This way it will activate whenever a connection comes from outbound since connections starting within the network seem to be working properly. Then configure to SNAT to a translation address in the same network as your server. This should allow proper communication between your server and an external client.

SNAT can be configured a few different ways on the F5 device. The most common way is to have a self-ip assigned in each network you wish to communicate with and then configure the virtual server to use SNAT Automap(or SNAT pool which is only necessary if you app exceeds 64,000 concurrent connections), which automatically configures SNATing with the self-ips as the addresses to be used. In your case, you would have a self-ip on your Internet facing network and a self-ip on your internal network. Any traffic through a VS configured this way would SNAT both to and from the servers automatically. This is the way I would suggest you configure your F5 as it simplifies the process and uses a predictable IP address to send data.

If you have any questions on either solution, I am sure I can help.