Forum Discussion

Nimbostratus

Jan 21, 2022

SNAT with client and pool member on same subnet

Hi, We have sort of an aut-last-hop feature on our firewall, and the lb is placed in front of the firewall. This ensures when a client from a random vlan behind the firewall connects to a VIP, the r...

Cirrus

Jan 28, 2022

1. Create a SNAT pool and add SNAT Pool members to it.

[SNATPOOL]
ltm snatpool dmz1_snat {
members {
172.16.0.7
172.16.0.8
}
}

ltm snatpool dmz2_snat {
members {
172.16.1.7
172.16.1.8
}
}

2. Create a SNAT data group

[ SNAT-DATAGROUP ]
ltm data-group internal snat-dg {
records {
172.16.0.0/24 { dmz1_snat }
172.16.1.0/24 { dmz2_snat }
}
type ip
}

3. Write iRule and apply it to virtual server

when LB_SELECTED {
if { [class match [LB::server addr] equals snat-dg] } {
snatpool [class match -value [LB::server addr] equals snat-dg]
} else {
snat automap
}
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

SNAT with client and pool member on same subnet

Recent Discussions

F5 - AS3 - BIGIQ / BIGIP SchemaVersion Missunderstanding

F5OS API - not able to create vlan

F5 APM - limiting access to the bandwidth for network Access

Change LB priority based on status

High CPU utilization (100%).

Related Content

client direct connect to pool member

Create iRule condition with matching client IP from multiple IP subnet

DevCentral's Featured Member for January - Daniel Wolf

DevCentral's Featured Member for November - Alex Tijhuis

DevCentral's Featured Member for October - Buu Lam

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS