F5 AFM Source / Destination NAT

Hi Harish_Babu , 

While the transulation hasn't happened for TCP and the Bigip AFM ACL Allow this for TCP .... let we suspect the issue in the forwarding Virtual server >> it works for ( ICMP and UDP ) but TCP not.

maybe this is an issue because all tcp traffic distributed accross all tmms from single IP which is not the proper thing for TCP ( connection-oriented ) so we need to make tcp sessions to be handled accross single tmm per user. 

So open Vlan ( Src Vlan /Common/INTERNAL_VLAN ) >>> switch ( Configuration to advanced instead od basic ) >>> change CMP-Hash ( from default to source address ) if not worked change it to ( source and destination and port ). 

If not worked. 
Take a packet capture for sample ip using this command : 

tcpdump -vvnni 0.0:nnnp host <src_IP> -s0 -vw /var/tmp/Test_tcp.pcap

 and let me have a look. 

Another approach: 

Can you run this test of udp and tcp on packet tester on gui as well >>> I need you to detect the policy and rule name which allowed this connection. 

you are using only one policy in global context with " allow decisively " action , is that correct ?