Forum Discussion

Cirrostratus

Aug 15, 2017

Use iRule to SNAT based on Destination IP address without using a SNAT Pool.

I've seen an answer for a similar question on here, but the solution was to use a SNAT pool. Here's my situation: ServerA that needs to reach out to an external IP address. ServerA is in a SNA...

Altostratus

Aug 15, 2017

I don't quite understand the question.

A SNAT pool is a group of IP addresses that could be used as source IP's on the F5 ... Do you mean that ServerA has the SAME IP address as one that is in the SNAT pool?

Do you need to conditinally SNAT traffic coming from Server A, in the event that it is destined for a specific external IP?

if so:

when RULE_INIT {
    set ServerA 192.168.1.1
    set DestinA 10.0.0.1
}

when CLIENT_ACCEPTED {
    if { [IP::client_addr] equals $ServerA && [IP::remote_addr] equals $DestinA } {
        snat $ServerA
    }
}

//Jan

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Use iRule to SNAT based on Destination IP address without using a SNAT Pool.

Recent Discussions

Problem with lets encrypt and redirect after update

Should config via cli rather than gui?

Is a Dedicated Interface, VLAN, and Self IP Required for a VIP in an F5 Configuration?

question about getting hsl data to be formatted properly in splunk

iRule for client certificate verification and inserting CN

Related Content

CSV to Address External Datagroup File

Different policies same destination and pool

Block destination IP by source IP

Destination ip address persistence

Destination Based Routing

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS