Forum Discussion
David_Noonan_67
Apr 26, 2011Nimbostratus
SNAT selected source addresses on a VS
We have a VS that does NOT include SNAT. Our issue is that some of the backend servers also need to use the VS and as they're on the same subnet as the VS pool servers that doesn't work without SNAT.
I found the example below under the snat command at devcentral and just want to confirm that it does what I think it does.
I believe this will SNAT any traffic to the virtual server from 10.10.10.0/24 so that the servers will see 192.168.20.10 as the source. Yes?
when CLIENT_ACCEPTED {
if { [IP::addr [IP::local_addr] equals 10.10.10.0/24] }{
snat 192.168.20.10
}
}
In particular we want to confirm that the irule will not do anything to outbound traffic (responses to clients hitting the VS).
Thanks
- Michael_YatesNimbostratusI think that you will need to change from [IP::local_addr] to [IP::remote_addr]
when CLIENT_ACCEPTED { if { [class match [IP::remote_addr] equals mynetwork] } { snat automap } }
- David_Noonan_67NimbostratusI was originally looking at this post which uses IP::client_addr and didn't notice that the example on the snat page was different.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects