Forum Discussion

Nimbostratus

Jul 18, 2012

Having trouble with destination based SNAT irule

We are looking to implement destination based SNAT via iRule where all traffic destined to RFC 1918 space does not get SNAT outbound and it retains its private addressing, all other traffic destined t...

Nimbostratus

Jul 19, 2012

Doesn't help with the general case that much but I think this can solve this specific problem.

when CLIENT_ACCEPTED {

set local [IP::local_addr]

switch -glob $local {

10.* {

log local0. "MATCH NO SNAT CLASS"

snat none

}

172.1[6-9].* -

172.2[0-9].* -

172.3[0-1].* {

log local0. "MATCH NO SNAT CLASS"

snat none

}

192.168.* {

log local0. "MATCH NO SNAT CLASS"

snat none

}

default {

log local0. "MATCH AND SNAT"

snat 1.1.1.1

}

Not ideal, I agree, but hopefully the route domain handling with classes will get fixed soon.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Having trouble with destination based SNAT irule

Recent Discussions

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

full-proxy HTTP2

Related Content

Trouble with TCP::option set 28

Trouble applying GoDaddy certificate to a virtual server

Destination address at F5

Different policies same destination and pool

Trouble redirecting on APM rejection.

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS