F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Wasim_Hassan_13's avatar
Wasim_Hassan_13
Icon for Nimbostratus rankNimbostratus
Oct 07, 2013

F5 LTM One Arm and SNAT

F5------------------>|Core SW|<---------------------users VLAN (192.168.51.0) | | | | | ...
Hamish's avatar
Hamish
Icon for Cirrocumulus rankCirrocumulus
Oct 07, 2013

tcpdump is your friend. Verify that your VS is set to perform SNAT and that the pool is set to ALLOW SNAT.

 

Then setup a tcpdump to look at the traffic both between the client & VS, and between the SNAT address and the poolmembers. If you do that to a file (-w & -s options) you can then have a look at the tcp level information, AND the contents of the traffic (Assuming it's either HTTP or you have access to the keys to decrypt).

 

Verify that when you make a connection from the client to the VS you get clean tcp connection. And see the request come in. And for the snat to poolmember connection you see the connection opened and the request go out. Then verify the respinses that come back as well).

 

Also verify any errors in /var/log/ltm if you have iRules configured for example.

 

H