For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

shawmcbigdis_84's avatar
shawmcbigdis_84
Icon for Nimbostratus rankNimbostratus
Jul 23, 2009

SNAT iRule problem

I'm trying to get snat to work for only outbound internet connections, not for internal addresses. I am using the following rule;     when SERVER_CONNECTED {     Compare destina...
application delivery
dev
devops
iRules
shawmcbigdis_84's avatar
shawmcbigdis_84
Icon for Nimbostratus rankNimbostratus
Jul 23, 2009
OK, got it. Awesome. Thanks a ton for the help.

 

 

I need to know one last thing. How can I verify that this isn't NAT'ing incoming connections? I mean, a client out on the internet makes a request for one of the websites behind the bigIP. The initial request is to a routable IP, but it hits the firewall first, and then the firewall makes the request to the non-routable IP of the VIP. So that iRule, is not going to even be functioning on that VIP, correct? And also by the time the connection request gets to the BigIP, it can't even see that the original request was for a routable IP. Right? I just need to verify because there are parts of our app that need to verify the connecting clients IP, and if it NAT's the incoming, that would not work at all.

 

 

Shawn