For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Deena's avatar
Deena
Icon for Altocumulus rankAltocumulus
Nov 13, 2024
Solved

NAT for specific IPs

Hi All, Looking for suggestions on how I can accomplish NAT for a couple of specific IPs, without NATting all the incoming traffic.

My scenario is as following:

source client ips 10.10.10.100 & 10.10.10.102 destination VS1(10.10.20.1.), load balancers to servers 10.10.10.10 & 10.10.10.20 (same subnet as the source address). I would like to NAT traffic from these client addresses to the floating IP 10.10.10.1, and all other client traffic no NAT is applied. I can't create a NAT Pool for 10.10.10.100 & 10.10.10.102 as they are members of pool for a different VS. 

Any ideas/suggestions on how I can accomplish this?

 

I appreciate your assistance.

 

Thanks

Deena

LTM
nat
  • Enes_Afsin_Al's avatar
    Enes_Afsin_Al
    Nov 14, 2024

    Hi Deena,

    You can use iRule or LTM policy.

    when CLIENT_ACCEPTED {
	if { [IP::addr [IP::client_addr] equals 10.10.10.0/24] } {
		snat 10.10.10.1
	}
	else {
		snat none
	}
}

    https://clouddocs.f5.com/api/irules/snat.html

1 Reply

  • Enes_Afsin_Al's avatar
    Enes_Afsin_Al
    Icon for MVP rankMVP
    Nov 14, 2024

    Hi Deena,

    You can use iRule or LTM policy.

    when CLIENT_ACCEPTED {
	if { [IP::addr [IP::client_addr] equals 10.10.10.0/24] } {
		snat 10.10.10.1
	}
	else {
		snat none
	}
}

    https://clouddocs.f5.com/api/irules/snat.html