Mar 27, 2026 - For details about updated CVE-2025-53521 (BIG-IP APM vulnerability), refer to K000156741.

Forum Discussion

Stefan_Klotz_85's avatar
Stefan_Klotz_85
Icon for Cirrus rankCirrus
Feb 17, 2016

SNAT will not be perform

It seems I have a strange issue at the moment. I've a HTTPS VS with SNAT automap enabled, but when I sniffer the traffic I always see the real client-IP as source on the serverside connection. I also...
application delivery
LTM
snat
Josh_Abaire's avatar
Josh_Abaire
Icon for Nimbostratus rankNimbostratus
Feb 17, 2016

You could also do a tcpdump on the client side to see if it is communicating with the VIP, or to James' point, directly to the server. If you are capturing the client side and server side and indeed confirm that source is unaltered, I've never seen SNAT just not work, so I would step through the config again. Is the SNAT enabled on the right VS in the right partition and route domain? Do you see the connection counter increment on the VS you expect and see the connection in the conn table? I also like troubleshooting with iRule. Setup a rule to log the connection to see where the breakdown is.