Forum Discussion
What_Lies_Bene1
May 13, 2013Cirrostratus
I've SNATted traffic using the VS address as the source on a pretty large scale in the past without issues.
Regarding your design I suspect the issue may lie with the fact the IP is shared with a wildcard VS. The SNAT may assign a source port that is then used for the destination port by a client attempting to connect to the the VS, the F5 has no way of knowing or reserving ports in this scenario and I'm amazed it works at all. If the VS was restricted to a single port this wouldn't be an issue as the F5 would know what not to use for the SNAT.