Forum Discussion

Cirrus

Jun 22, 2018

SNAT local address going to a specific port

I'm trying to SNAT a subnet going to a specific port but not getting anywhere with the iRule. Below is what I currently have:

when CLIENT_ACCEPTED { if {[IP::addr [IP::client_addr] equals "10.10.10.0/28"]} and {[UDP::local_port] equals "1700"]} {snat "10.10.10.1"}}

application delivery

BIG-IP

iRules

1 Reply

crodriguez

Ret. Employee

Jun 22, 2018

Braces and brackets are a bit misaligned. Try the following which should at least be syntactically correct:

when CLIENT_ACCEPTED {
    if { [IP::addr [IP::client_addr] equals "10.10.10.0/28"] && [UDP::local_port] equals "1700" } {
        snat "10.10.10.1"
    }
}

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SNAT local address going to a specific port

1 Reply

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

APM-Specific Features for Securing Your Website

Allow only specific IP Address to only specific URL/route in ASM

Deny access to F5 management from specific addresses

ASM Local Traffic Policy to redirect on specific URL

Living on the AWS Edge - Local Zones

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS