Hummingbird_143
Jul 16, 2015

route problem between SNATed private vlan and hosts on public side vlan

Hello,

We have a problem routing traffic from hosts on the F5 private internal vlan (192.168.0.10) to hosts on the public side vlan (10.10.0.20). 10.10.0/24 is configured on the F5 as selfip and there are virtual servers on 10.10.0/24 on the F5.

SNAT is set up for 192.168.0.10 to a public IP (within another F5 subnet, 10.20.0.10) on the F5 so it can send outbound traffic.

The problem is that SNATed outbound traffic from 192.168.0.10 can't reach hosts on subnet 10.10.0/0 if those hosts are not on the F5; it seems like the F5 discards the packet if the destination IP is within the self-ip range but not hosted on the F5.

Is there any way to get around this and allow such traffic through? I read about wildcard and IP forwarding but want to check with the group to see how to make this work.

Thanks in advance!

1 Reply

  • So if I understand you correctly, your setup looks like below.

       Internal           -->           F5     -->      External      &      External
     (192.168.0.10)                                    (10.10.0.0)          (10.20.0.0)
    

    Your current SNAT goes from your internal (192) to your external 10.20.0.0? Do you have SNAT set to automap or a pool? If the .10 subnet is on the F5 and the SNAT is listening for traffic, then I'm assuming you're translating it to an address on the 10.20.0.0 network but you don't have a route once it gets there. You could configure a route to 10.10.0.0's default gateway if you wanted to take a roundabout way to get there.