Forum Discussion
tranchungdt5_93
Jun 08, 2009Nimbostratus
LinkController without SNAT ?
Hi all.
I have a box BIG-IP LTM (with license both of LTM & LinkController ).
I have 2 ADSL as:
---------------- ------------------
- 203.162.0.x - - 210.245.0.y -
---------------- ------------------
| |
| |
| |
---------------------------------------------------
- 203.162.0.1 210.245.0.1 -
- F5 LTM -
- 172.16.1.x
---------------------------------------------------
|
ASA 5550
|
|
Clients
-------------------------------------------------
I have Vir 203.162.0.10 & Vir 210.245.0.10 for Inbound with SNAT. (Pool is server 's ip ASA). SNAT make BIG-IP choose correct gate-way to go out.
And the IP forwarding for ASA to outbound.
Default-gateway of BIG-IP is pool (203.162.0.1; 210.245.0.1) .
But I wonder that, SNAT make Sever can't collection information about Internet User (ip address).
1. Can I config LTM without SNAT in this situation ?
2. I need config LinkController for VPN site to site from Cisco Router800 (in Internet) to ASA5550. I wonder SNAT make ASA not understand Cisco Router 's ip add and can't make tunnel VPN.
Any body have the same problem?
Plz, help me.
Chung Tran
- hooleylistCirrostratusYou can enable SNAT on the outbound virtual server and not enable SNAT on the inbound virtual server(s) which load balance requests from the external VLAN to the server(s).
- tranchungdt5_93NimbostratusThk alot Aeron. But Could you explain me more ?
- hooleylistCirrostratusYou could enable SNAT (using automap or a SNAT pool) on the virtual server which allows access from the internal VLAN to the internet and not enable SNAT on the virtual server(s) which allow external clients to access your site(s).
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects