For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Vijay_01's avatar
Vijay_01
Icon for Altostratus rankAltostratus
Mar 27, 2017

SNAT Issue

Hi All,   I am reading one SNAT document "https://support.f5.com/csp/article/K7820?sr=29125585%0D"; Here it is mentioning that when the outside client is accessing some internal server, and if in ...
application delivery
LTM
Nicholas_P__308's avatar
Nicholas_P__308
Icon for Cirrus rankCirrus
Mar 27, 2017

this depends on your environment. A TCPDUMP can verify. If you have an application server reaching the front-end of the BIGIP F5 that typically means you have a firewall rule allowing the application server to access the front-end, in this case the source I.P. would be the application server I.P. Address (not vip) it would then get translated into a traffic-group or SNAT pool I.P.

 

Ran into this one last week, once again, I would setup a TCPDUMP on the front-end of the BIGIP F5 in order to verify.