Working without SNAT to see original client IP
Hi, in order to see the original client IP accessing a pool member from the WAN, I've disabled SNAT. Then, because of asymmetric routing, the connection stopped working, so I've set the pool member server (Windows Server) DG IP address to be the F5 internal IP of that specific VLAN. Then the connection was working again and I could see the original client IP accessing the pool member, but I lost connectivity to that server from my workstation, since the routing to that VLAN in our LAN environment is done via our backbone switches / FW.
How can I keep the above configuration (no SNAT, DG of pool member is the F5 IP instead of our FW IP) and still have access to that server inside the LAN?
Thank you.
- Dave_McCauley_3Cirrostratus
You'll need to create a forwarding virtual server on the BIG-IP to enable routing to that network through the BIG-IP. Basically just a Virtual Server with a destination of 0.0.0.0/0 and type of Forwarding (IP) for the pool member to use and one for the network to access the pool member with a destination of the pool member's network, i.e. 192.168.10.0/24. On your network, you can set a route to the network the F5 is routing by adding a route with a next hop of the BIG-IP's floating IP.
Here's a KB explaining forwarding virtual servers:
https://support.f5.com/csp/article/K7595
--D
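The two forwarding virtual servers described in the answer above, written out as tmsh commands. This is an added example, not part of the original reply or F5's own configuration; the virtual server names and the VLAN names `server_vlan` and `lan_vlan` are assumptions, and 192.168.10.0/24 is the example pool-member network from the answer.

```tmsh
# Assumed names: server_vlan = VLAN the pool member sits on,
#                lan_vlan    = VLAN facing the backbone switches / FW.

# 1) Outbound: traffic from the pool member, whose default gateway is the BIG-IP.
#    No SNAT, so the original addresses are preserved.
create ltm virtual fwd_outbound_vs destination 0.0.0.0:any mask any ip-forward ip-protocol any source-address-translation { type none } vlans-enabled vlans add { server_vlan }

# 2) Inbound: LAN hosts reaching the pool member's network through the BIG-IP.
#    Listens only on the LAN-facing VLAN and only for the pool member's subnet.
create ltm virtual fwd_to_servers_vs destination 192.168.10.0:any mask 255.255.255.0 ip-forward ip-protocol any source-address-translation { type none } vlans-enabled vlans add { lan_vlan }

# Persist the change.
save sys config
```

Enabling each forwarding virtual server on a single VLAN, rather than on all VLANs, limits which segments the BIG-IP will route for. The LAN side still needs the route to 192.168.10.0/24 via the BIG-IP's floating IP, as the answer says.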