Forum Discussion

Nimbostratus

Jan 15, 2014

Virtual Server

Hi, I'm new to this BIG-LTMP world Is it necessary to enable SNAT > Automap when creating new virtual server. Regards Dhananjay

nathe

Cirrocumulus

Jan 16, 2014

Dannofrd,

SNAT (or Secure NAT) is, in essence, Source Address Translation. You only need to use it when you need to change the Source address from the client's true source IP address to something else, for whatever reason.

Usual scenarios for SNAT are when you want to ensure traffic from the server goes back via the f5, in case it's normal default route is not the f5 and it can talk back to the client some other way. This would cause traffic failures.

Also, if you're accessing internet resources, which I believe you are, then you will need to use SNAT as the internal IP address of a client may be a private IP (rfc 1918), ie non-routable on the internet and you need to translate it behind a routable address.

SNAT Automap uses the IP address of the egress interface (floating if in a pair). You could also specific you're own SNAT addresses (on the same subnet) and use these instead.

Hope this helps,

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)