Aug 10, 2022

How to set SSL VPN clients' external IP to be the same as the address pool leased IP and not use the BIG-IP self IP

Hi, I am new to F5 and I am trying to set up an SSL VPN solution that seems to be very simple. I am using an AWS Marketplace LTM BIG-IP VE instance in a single-NIC configuration; the BIG-IP self IP is of network. Now I have configured SSL VPN to use address pool lease of in pass all traffic via BIG-IP mode, so I am expecting to access the internet via the BIG-IP external IP (Elastic IP) and access internal resources via network, but in my case all traffic is getting out to internal resources via the BIG-IP self IP ( and not via the clients' leased IP for example ( Is there a way to set the SSL VPN clients' source IP as their leased IP?

  • Set the SNAT Pool setting in your Network Access List from AutoMap to None. Correct routing for the lease pool IP addresses must be configured with this setup.

      SNAT pool configured to None.

      Routing configured on the AWS route table associated with the BIG-IP instance.

      On the BIG-IP itself I configured a default route to the AWS VPC default gateway in my case

      This config works as expected, but I don't have internet access when selecting the Force all traffic through tunnel
      option. Only internal resources are available.
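
The answer above makes return routing for the lease pool a requirement once SNAT is set to None. As an added example (not from the thread or from F5), this Python check walks a route table shaped like `aws ec2 describe-route-tables` output and reports any part of the lease pool whose replies would not be sent to the BIG-IP network interface. All CIDRs and IDs are constructed placeholders, since the thread's real addresses are not shown.

```python
import ipaddress

# Constructed sample shaped like one route table from
# `aws ec2 describe-route-tables`; CIDRs and IDs are placeholders.
ROUTE_TABLE = {
    "Routes": [
        {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local", "State": "active"},
        {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-0example", "State": "active"},
        {"DestinationCidrBlock": "192.168.50.0/24", "NetworkInterfaceId": "eni-0bigip",
         "State": "active"},
    ]
}


def active_routes(route_table):
    """Yield (network, target) for active IPv4 routes; other route kinds are skipped."""
    for route in route_table["Routes"]:
        cidr = route.get("DestinationCidrBlock")
        if cidr and route.get("State") == "active":
            target = route.get("NetworkInterfaceId") or route.get("GatewayId")
            yield ipaddress.ip_network(cidr), target


def next_hop(route_table, address):
    """Longest-prefix match, which is how the VPC picks a route for a destination."""
    addr = ipaddress.ip_address(address)
    matches = [(net.prefixlen, target)
               for net, target in active_routes(route_table) if addr in net]
    return max(matches, key=lambda m: m[0])[1] if matches else None


def misrouted(route_table, lease_pool_cidr, bigip_eni):
    """Return [(cidr, target)] for lease-pool ranges not routed to the BIG-IP ENI."""
    pool = ipaddress.ip_network(lease_pool_cidr)
    # A more specific route inside the pool can divert part of it, so split
    # the pool until every piece is covered by a single route.
    if any(net != pool and net.subnet_of(pool) for net, _ in active_routes(route_table)):
        low, high = pool.subnets()
        return (misrouted(route_table, str(low), bigip_eni)
                + misrouted(route_table, str(high), bigip_eni))
    hop = next_hop(route_table, str(pool.network_address))
    return [] if hop == bigip_eni else [(str(pool), hop)]


if __name__ == "__main__":
    # Lease pool wider than the configured route: the upper /24 is reported.
    print(misrouted(ROUTE_TABLE, "192.168.50.0/23", "eni-0bigip"))
```

An empty list means replies to every leased address are routed back to the BIG-IP; any entry names the range and the target it currently resolves to.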