Forum Discussion

yammy1688_99834

Nimbostratus

Feb 11, 2011

SNAT vs Auto-map

Any advantage to setting up SNATs versus just using the auto-map function in the virtual server? Thanks, -Ken

config

design

Chris_Miller

Altostratus

Feb 11, 2011

Posted By hoolio on 02/11/2011 02:11 PM

With 10.x tcpdump, you can also see the virtual server name in the packets. This line shows a SNAT to pool member SYN which was via the http_10.1.0.15_vs virtual server:

14:05:19.472966 IP 10.1.0.11.50954 > 10.1.0.100.http: S 3232923316:3232923316(0) win 4380 out slot1/tmm0 lis=http_10.1.0.15_v

A VS specific SNAT pool is still useful, but figured I'd throw this out there too.

Aaron

Was referring more to firewalls, Netflow, etc...boxes that only care about IP/Port. Still, very cool reminder. I noticed that once and didn't think anything of it. Didn't even consider the application at the time.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

SNAT vs Auto-map

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Checking for X-Forwarded-For against an Address Data-Group

SSL Bridging and FQDN rewrite Policy

Cisco TACACS+ Config on ISE LTM Pair

iRule causing requests to be duplicated (sometimes)

How can I get started with iCall

Related Content

SNAT pool persistence

Kill SNAT AutoMap!

Auto Map & SNAT

SNAT IP address logging

Selective SNAT

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS