Forum Discussion

Nimbostratus

Dec 30, 2015

iRule SNAT for multiple ISP

Hi, I tried to configure an iRule to SNAT specific LAN to a specific ISP (wan link). When I bind this iRule to my default VS (in fastL4) the iRule doesn't match when I generate traffic from my l...

Employee

Dec 30, 2015

On 11.5.3, I tried a somewhat simplified version, and it works as I expect:

when CLIENT_ACCEPTED {
    if { [IP::addr [IP::client_addr] equals "192.168.0.0/16"] or [IP::addr [IP::client_addr] equals "10.11.201.0/24"] } {
        snat automap
        log local0. " -- YES -- "
    }
    else {
        log local0. " -- NO -- "
    }
}

when applied to a "Performance (L4)" Virtual Server with no other alterations. I also tried it with a "Forwarding (IP)" Virtual Server with a VIP of 0.0.0.0/0. It works in that case, too.

You may consider adding a logging statement at the head of the rule to ensure that it is firing, and if so, add additional logging to capture the relevant values (e.g., [IP::client_addr]).

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

iRule SNAT for multiple ISP

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

SNAT using the same source IP on Multiple LTM's

Create iRule condition with matching client IP from multiple IP subnet

SNAT Automap

SNAT using Proxy SSL

POST multiple object single curl

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS