Forum Discussion
"I am using the IPv4 lease pool segment 172.16.20.2 - 172.16.20.253. Such IPv4 segment is routed to reach some other segments in my network."
Why not change the lease pool to a different range (one that's not in use in your network), and let an automapped SNAT address (a self IP) handle traffic to the 172.16.20.0/24 network? When the majority of our on-campus users switched to work-from-home, we had to add a larger lease pool which is non-routable (ie. only relevant in the VPN user <=> F5 connection) and is set to SNAT automap. For tech support groups who need their own set source addresses for VPN (to limit access to some devices to just their team), I've created separate SNAT pools for them to use.
Originally when VPN was set up we created self IPs for the lease pool range, but were later told it doesn't need them.