Forum Discussion
NimbostratusUsing different SNAT Pool List through iRule
Hi guys, i have one question: i have one VS, i want to do SNAT through different SNAT Pool List upon the client source IP address. For example, if the source ip address of client is 1.1.1.1/24 or 1.1.1.2/24, VS should changes the source ip address of outgoing packet to 1.1.1.100, and if the source ip address of client is 1.1.1.11/24 or 1.1.1.12/24, VS should changes the source ip address of outgoing packet to 1.1.1.200. I've checked it with below script, but it didn't work! Am i wrong? Can anyone help me? Is there any need to use of HTTP_REQUEST or some other methods???
when HTTP_REQUEST {
switch -glob [IP::client_addr] {
"1.1.1.1" -
"1.1.1.2" {
SNAT with 1.1.1.100
snatpool VM_SNAT_POOL_1_1_1_100
}
"1.1.1.11" -
"1.1.1.12" {
SNAT with 1.1.1.200
snatpool VM_SNAT_POOL_1_1_1_200
}
} }
3 Replies
What_Lies_Bene1Cirrostratus
Looks just fine to me. Perhaps move this to the CLIENT_ACCEPTED event.
- Matt_Dierick
Employee
Enable logs and check each event. Check client IP adress result and check if you enter in the right switch event.
Let us know. Try in client_accepted event.
- Matt_Dierick
You have a log local0. error message with this ??? :
when HTTP_REQUEST { log local0. "HTTP Request from [IP::client_addr]" switch -glob [IP::client_addr] { "1.1.1.1" - "1.1.1.2" { SNAT with 1.1.1.100 log local0. "SNAT with 1.1.1.100" snatpool VM_SNAT_POOL_1_1_1_100 } "1.1.1.11" - "1.1.1.12" { SNAT with 1.1.1.200 log local0. "SNAT with 1.1.1.200" snatpool VM_SNAT_POOL_1_1_1_200 } } }
