Juraj
Mar 18, 2020Cirrus
Selective SNAT in VPN
I have a fully working VPN (Network Access) on BIGIP; very easy to set tup.
I have an RFC1918 IP pool 10.10.1.1-10.10.1.254 allocated for the VPN clients, and my BIGIP has a couple of network interfaces. If I enable AutoMap, everything works nicely.
Question: is it possible to do a selective SNAT based on where the client wants to go? If yes, how?
I'm trying to keep the RFC1918 IPs when clients talk to internal resources in our network, but I would like to SNAT only the traffic going to the Internet (it leaves through a specific interface that has it's own self-ip).