Forum Discussion

Nicolas_ROMERO_'s avatar
Nicolas_ROMERO_
Icon for Nimbostratus rankNimbostratus
Dec 30, 2015

iRule SNAT for multiple ISP

Hi,   I tried to configure an iRule to SNAT specific LAN to a specific ISP (wan link). When I bind this iRule to my default VS (in fastL4) the iRule doesn't match when I generate traffic from my l...
application delivery
iRules
isp
LTM
snat
Kai_Wilke's avatar
Kai_Wilke
Icon for MVP rankMVP
Jan 08, 2016

Hi Nicolas,

I guess I've found the problem. The default-VS needs to be changed to "Forwarding (IP)" mode, with Destination Address/Mask 0.0.0.0/0, global SNATPOOL settings for ISP2 and point the default route to Y.Y.Y.1. Delete the conditional SNAT rules and also the default_gw_pool.

Then attach the iRule below to overwrite SNAT and default route for the two additional networks to ISP1.

 

when CLIENT_ACCEPTED { 
    log local0. "VS Reached"
    if { ( [IP::addr [IP::client_addr] 10.32.1.192/26] ) or 
         ( [IP::addr [IP::client_addr] equals 10.32.2.0/26] ) } then {
        snat X.X.X.203
        nexthop X.X.X.201 
        log local0. " -- SNAT RAS -- "
    } else {
        log local0. " -- SNAT ALL -- " 
    } 
}

 

Cheers, Kai