Not using SNAT , for VPN clients , F5 not using Floating IP of virtual server.
Hello All,
I have configured F5 to as our client VPN gateway.
I am not using SNAT since, i have created a virtual server to use the default gateway to our firewall, where it controls access of the VPN clients (if i use SNAT, clients are able to access all servers that are behind the self IPs).
VPN clients should not have direct access to the backend servers, it requires to go via our firewall hence SNAT is disabled and the default gateway is configured (support KB K18487629: How to route Network Access traffic to specific gateway).
However, F5 is still sending out traffic via the local self IP and not the floating IP, the return route for the VPN client network is (on the firewall is configured for the floating IP). Hence, when the traffic returns to F5 via floating IP, it reads that it never sent such traffic via floating IP and it sends a reset back to the firewall (which is then forwarded to the servers)
Is there a way on the virtual server config to force to use only floating IP and not the local interface?
Thank you for your response.