For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

valve404's avatar
valve404
Icon for Nimbostratus rankNimbostratus
Jan 21, 2022

SNAT with client and pool member on same subnet

Hi, We have sort of an aut-last-hop feature on our firewall, and the lb is placed in front of the firewall. This ensures when a client from a random vlan behind the firewall connects to a VIP, the r...
devops
iRules
snat
DenisG's avatar
DenisG
Icon for Employee rankEmployee
Jan 25, 2022

You could use it in the LB_Selected event and the LB::Server event

https://clouddocs.f5.com/api/irules/LB__server.html

https://clouddocs.f5.com/api/irules/snat.html

there is a good starting point iRule that is liek this:

# Apply SNAT automap for clients in the 10.10.10.0/24 subnet
when CLIENT_ACCEPTED {
   if { [IP::addr [IP::local_addr] equals 10.10.10.0/24] }{
      snat automap
   }
}

 

 

And looking here for the iRule event order - it shows it should work https://clouddocs.f5.com/training/community/irules/html/class1/module1/iRuleEventsFlowHTTPS.html