Forum Discussion
Srikar
Altostratus
AltostratusUnderstanding SNAT
SNAT pool is configured but source translation is set to None on Virtual Server and there is a pool attached to it which has Allow SNAT as yes? Does translation happens in this case when client send...
Yes, if you have such configuration as this is outside the F5 Virtual servers (VIP) configuration and it works for all traffic matching this SNAT object. The idea is if you want to use the F5 devices just as NAT/SNAT devices without load balancing, you use those objects. You read the article below on how this is done:
https://support.f5.com/csp/article/K47945399
Please also read this as if you have VIP with snat pool or auto map and NAT and SNAT separate objects the VIP SNAT config takes priority over the NAT and SNAT objects. If the VIP does not do source translation then if there are matching NAT and SNAT objects, they are used as the NAT has higher priority than the SNAT. If there is no NAT object and the VIP does not do translation, then the SNAT is used.
https://support.f5.com/csp/article/K9038
Nikoolayy1
MVP
MVPYes it shouldn't happen if source translation is set to None on the VIP. Having "Allow SNAT" on the pool just means that the pool will accept traffic that is translated by a VIP with source translation enabled.
Check if you have SNAT list (one to one ip mapping) enabled under the F5 LTM configuration as F5 may do translation if it is also configured threre not only under the VIP, otherwise it could be a bug and check then the bug tracker ( https://support.f5.com/csp/bug-tracker?sf189923893=1 )
https://support.f5.com/csp/article/K47945399
This is also helpfull to understand the SNAT/NAT translation order:
https://support.f5.com/csp/article/K9038
and