For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

lcw1982_107422's avatar
lcw1982_107422
Icon for Nimbostratus rankNimbostratus
Aug 14, 2009

Problem joining domain behind NAT environment

Hi,     I am using the LTM to do NAT for all my servers, including the Domain Controller. (e.g phy IP is 10.10.10.10; virtual IP is 100.20.20.10). It seems that when the clients (in subnet...
config
design
dennypayne's avatar
dennypayne
Icon for Employee rankEmployee
Aug 14, 2009
I have found that a lot of the Windows AD stuff doesn't survive a NAT. There may be configuration options on the DC to help with this, but I'm not that knowledgeable about AD.

 

 

I have fixed this in the past by using a forwarding virtual server (wildcard 0.0.0.0:0 or restricted to the 10.10.10.0:0 network in your case), using the IP Forwarding type, that allows the LTM to basically act like a router. You will likely also need a static route on whatever the LTM's gateway is to point to the LTM floating IP as the next hop to get to 10.10.10.0.

 

 

Denny