Forum Discussion

Bhavesh_Kumar's avatar
Bhavesh_Kumar
Icon for Nimbostratus rankNimbostratus
Jul 08, 2014

NAT Exemption for Internal Subnets on 11.1.X

We have few forwarding Virtual Server for our intrnal subnets i.e. 10.10.10.0/24, 10.10.11.0/24 with FastL4 protocol profile. We also have outbound SNAT for these internal subnet to public IP 66.x.x.x

 

We are able to access internet and I could see that the internal IP tranlated to 66.x.x.x

 

The probelm is when I try to access any server from 10.10.10.0/24 to 10.10.11.0/24 the souce packet get translated to 66.x.x.x

 

I don't want the internal communication between the subnet to be translated. What can I do for it?

 

  • yes I did it but didn't worked.

     

    When I put IRule for both the VS then its started working. Thanks for your help.

     

  • I have created the IRule and placed it on 10.10.11.x/24 VS but I still see that NAT is happening. Any idea what is causing this issue?

     

  • Emad's avatar
    Emad
    Icon for Cirrostratus rankCirrostratus

    it would be placed with outbound traffic VS which in case will be Destination VS 10.10.11.x/24.

     

    Mean VS which have Source: any, Destination: 10.10.11.x/24

     

  • Emad's avatar
    Emad
    Icon for Cirrostratus rankCirrostratus

    You can use following IRule and modify as per your requirement.

    when CLIENT_ACCEPTED {
        if {[IP::addr [IP::client_addr] equals 10.10.10.0/24]}{
            snat none        
            }
        }