SNAT Automap

Question

I'd like to know how snat automap is specifically setup in my environment. Even after reading the documentation I'm still a confused.&nbsp;
Firewall NAT 157.68.37.22 to 192.168.55.47 (VIP on F5)192.168.55.99 is the SELF IP and 10.1.10.244 is the internal server IP.
What is actuall y being nat'd and snat'd in this example. Can some explain using these IP's the process of a user request from 157.68.55.99 all the way to the internal server and back to the client thanks!!!&nbsp;

kevin_stewart · Answer

Okay, your firewall is actually doing the NATting from a public destination address to an internal/private destination address. Client traffic, once (destination address) NATted, arrives at the F5 VIP. At this point you have a destination address of 192.168.55.47 and a source address that is probably the real client address.&nbsp;
Given that you have a VIP on the 192.168.x.x subnet and servers on the 10.x.x.x subnet, I'm guessing you either have two VLANs and corresponding self-IPs, or a route to the 10.x.x.x network. In either case, SNAT automap will change the SOURCE address in the packet to an address of one of the self-IPs - the one that makes the most sense. The destination address will change to the server's IP (10.1.10.244).&nbsp;

Forum Discussion

SNAT Automap

1 Reply

F5 Container Ingress Services (CIS) and using k8s traffic policies to send traffic directly to pods

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

Syslog server not visible in GUI

Same LTM Monitor applied to different Pools with Common Nodes

irule execution error

F5 AWAF/ASM learning only from Trusted traffic?

OWA File Upload URIs for WAF Bypass

Related Content

Kill SNAT AutoMap!

SNAT Automap

How to ensure source address and source port are accepted and traversed properly via F5 SNAT automap

SNAT pool persistence

Selective SNAT

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS