F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

sstafford's avatar
sstafford
Icon for Nimbostratus rankNimbostratus
Dec 15, 2009

Irules and Internet connections for Servers with non-routable IP addresses

Hi all,     I have a situation I'm trying to address via an iRule on the BigIP, and wanted to see what you think.     We have an internal vlan routed by an F5 that consists of pr...
application delivery
dev
devops
iRules
sstafford's avatar
sstafford
Icon for Nimbostratus rankNimbostratus
Dec 16, 2009
Ok, think I've got it. 

 
 when CLIENT_ACCEPTED { 
 check to see if client ip is in the class 
 if { [matchclass [IP::client_addr] equals $::privateOnCampus] } { 
 Check to see if the remote ip is in the class 
 Since this is an outgoing connection, it will use IP::local_addr 
 if { [matchclass [IP::local_addr] equals $::offCampusServers] } { 
 if both of the above are correct, log it, and snat it 
 log local0. "Match [IP::client_addr] server [IP::local_addr]" 
 snat 152.19.240.2 
 } else { 
 if no match forward without address rewrite. 
 forward 
 }  
 }  
 }