F5 is upgrading its customer support chat feature on My.F5.com. Chat support will be unavailable from 6am-10am PST on 1/20/26. Refer to K000159584 for details.

Forum Discussion

Dhananjaya_1354's avatar
Dhananjaya_1354
Icon for Nimbostratus rankNimbostratus
Jan 15, 2014

Virtual Server

Hi,   I'm new to this BIG-LTMP world   Is it necessary to enable SNAT > Automap when creating new virtual server.   Regards Dhananjay  
nathe's avatar
nathe
Icon for Cirrocumulus rankCirrocumulus
Jan 16, 2014

Dannofrd,

 

SNAT (or Secure NAT) is, in essence, Source Address Translation. You only need to use it when you need to change the Source address from the client's true source IP address to something else, for whatever reason.

 

Usual scenarios for SNAT are when you want to ensure traffic from the server goes back via the f5, in case it's normal default route is not the f5 and it can talk back to the client some other way. This would cause traffic failures.

 

Also, if you're accessing internet resources, which I believe you are, then you will need to use SNAT as the internal IP address of a client may be a private IP (rfc 1918), ie non-routable on the internet and you need to translate it behind a routable address.

 

SNAT Automap uses the IP address of the egress interface (floating if in a pair). You could also specific you're own SNAT addresses (on the same subnet) and use these instead.

 

Hope this helps,

 

N