Use SNAT with Monitor

Question

Hello,&nbsp;
&nbsp;I would like to know if it is possible to use the SNAT for the monitoring ?&nbsp;
&nbsp;Use @ip SNAT to make the tests of health check, not use @ip physical appearance(physics) of the interface of F5. &nbsp;
&nbsp;I cross a firewall for the monitoring Health check, and only @ip SNAT is authorized (source IP).&nbsp;
&nbsp;Thanks in advance for your answer.&nbsp;
&nbsp;Regards,

chris_miller · Answer

From what I've seen, the only option would be to configure an external monitor using netcat to specify the source IP. Otherwise, you'll have to change the fw rules. I often use my boxes to telnet to pool members for testing and since that also uses the self-ip, it's a nice capability.

hooleylist · Answer

As Chris said, there isn't a native method for selecting the source IP of a stock monitor.  You can use an external monitor which references a shell utility that allows for selection of a source address. 
&nbsp;  
&nbsp; However, you can't use shared IP addresses (floating self IP's, SNAT addresses, etc)  in a redundant pair as that would cause IP conflicts when each LTM unit attempts to perform the monitor checks. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

Use SNAT with Monitor

Recent Discussions

ports are showing open on online scanning tool

Upgrade F5 BIGIP

DNS HM Probe issue

Is XFF a must for ASM WAF DoS

Switch ssl profile based on weak cipher detection via IRULE

Related Content

iRule based RADIUS Health Monitor Builder

HTTP Monitor

F5 NGINXaaS for Azure: Monitoring and Metrics

F5 SMTP Fast Template - SNAT Not working as expected

Kill SNAT AutoMap!

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS