SNAT list - how to use it

Question

Hi.. I have a standard VIP https://10.20.20.220 with ssl bridging and the server is listening on port 443. &nbsp;
I don't want to use SNAT Automap, but I want to use the just the plain SNAT feature where the client IP address is mapped to a IP address I define.
FYI.. Self-IP on the F5s are 10.20.20.5, 10.20.20.6 (both are non-floating ) &nbsp;
SNAT: 
Client IP : 10.30.30.1    SNAT IP : 10.20.20.221 &nbsp;
I have set the SNAT option on the VIP as None, assuming that the one-to-one SNAT I have configured will kick in. But for some reason its failing. I'm not able to get the IIS page when I access the VIP.&nbsp;
Note: This is a F5 LTM virtual instance and I'm using a one ARMed mode of deployment. &nbsp;
Can someone suggest me if I'm missing something or is that SNAT doesn't work this way? &nbsp;

nathe · Answer

SNAT should work like that. Can you confirm you have configured the SNAT list correctly? Translation should be the hide address and Origin/Address List should be the client IP address.&nbsp;
assuming this is all correct, what happens if you run tcpdump on the bigip? Do you see connections going to the backend pool member using the snat address?&nbsp;
Hope this helps,&nbsp;
N&nbsp;

Forum Discussion

SNAT list - how to use it

1 Reply

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

After upgrading from PeopleTools 8.59.11 to 8.61.11 F5 APM is not rewriting the internal URLs

F5 BIG IP laboratory license

F5 mssql health monitor failing

How can I get started with iCall

Connection Rest f5

Related Content

F5 402 Exam reading list and notes

Apply a Policy to an SNAT list

List of F5 iControl REST API Endpoints

Intermediate iRules: Handling Lists

SNAT pool persistence

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS