Forum Discussion

Nimbostratus

Aug 22, 2018

VPN and internet access issues - default gateway biting me.

Hi, We currently have an F5 configured using the APM/LTM for SSL VPN. For internet access we were using our web filtering appliances as a proxy setup as we don't allow split-tunnel. ...

application delivery

BIG-IP Access Policy Manager (APM)

Nimbostratus

Aug 24, 2018

Hi, I finally figured things out by using a mix of FastL4 forwarding and an iRule to turn SNAT on or off based on source and destination IP.

The FastL4 rule had a source of the VPN subnet, and a destination of any:any, scoped to the tunnel. The iRule was pretty simple, just an if that checked if from VPN and not to internal addressed, if so turn snat on, else set snat none.

Thanks to the posters about PBR and FastL4 as these pointed me in the right direction.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

VPN and internet access issues - default gateway biting me.

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

Whats new in NGINX Gateway Fabric 1.2?

Cannot access the internet using a default gateway virtual server

Using BIG-IP Kubernetes Gateway API Controller

Get Started With Kubernetes SIG Gateway API

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS