F5 as NAT device

Hi Steve,

 

 

Im having an issue with my NAT, i have here, i can't initiate traffic to the NAT address..did i missed something?

 

ip nat inside source static 10.157.8.84 172.26.210.84

 

ip nat outside source static 10.103.33.11 10.171.14.111

 

 

vlan 10 - inside

 

vlan 20 - outside

 

 

ltm nat /Common/172.26.210.84 {

 

inherited-traffic-group true

 

originating-address 10.157.8.84

 

traffic-group /Common/traffic-group-1

 

translation-address 172.26.210.84

 

}

 

ltm nat /Common/10.171.14.111 {

 

inherited-traffic-group true

 

originating-address 10.103.33.11

 

traffic-group /Common/traffic-group-1

 

translation-address 10.171.14.111

 

}

 

OK can you describe the IP setup on the device? Are routes available to all the relevant subnets?

 

 

Just in case, it might also be worth clicking through to System ›› Configuration : Local Traffic : General and changing the SNAT Packet Forwarding setting to All Traffic.

F5 is in between a router

 

 

router(.228/29-vlan 10)<> (.227/29 F5 .237/29) <> (.238/29-vlan 20)

 

 

 

F5 will use as NAT device bidirectional.

Thanks, so are routes available to all the relevant subnets via the correct VLANs?

yap, i have default gateway

Surely you need more than a default route? Also, please confirm it that's an LTM route or a management/HMS route?