Outbound SNAT with private external address

I assume the VIP is a 10.x.x.x addr on the inside? If that's the case, the F5 will perform the destination translation to the 172.1.1.1 outbound?

The destination IP that the 10.x.x.x servers will connected to could be any public IP. I should also mention that one of the other external legs of the F5 has a public IP range and connected to another interface on the FW. The default route for the F5 is pointing via this interface.

Can you please provide F5 interface IP address details. I am assuming like this.

F5 internal IP address is 10.x.x..x F5 external IP address is 172.x.x.x towards firewall. Firewall external IP address will be external IP's Firewall internal IP address will be internal IP's.

Updated the diag

Then you need to configure like this: Configure F5 VIP as 10.x.x.x (SNAT should be automap) and pool member should be 172.x.x.x. For example pool member is 172.1.1.1 You should create NAT on Firewall for 172.1.1.1 and it should map to public IP 200.1.1.1 F5 should have routes towards firewall Firewall should have route towards internet

Above configuration should work for you.

The dest IP of the internal servers (10.x.x.x) is any public IP. They will not target a 10.x.x.x VIP.

your internal servers should reach to 10.x.x.x vip, from there firewall and them internet.( It is a secure flow)

"should reach" - what does this mean? do you mean "target"?

The internal servers can't target a single VIP as the destination IP that the 10.x.x.x servers will use is unknown, its just any public IP addr.

you mean there is no specfic public IP as destination? if yes, can you please let me know destination subnet, listening port etc..

No specific public IP. Its an outbound sftp connection to any.