APM SSL VPN: SNAT based on destination IP

Question

Hi,We've got SSL VPN up and running fine.Now, we need to do SNAT on VPN connections only destined to specific networks, and cant figure out how to achieve that. Such functionality we can find in AFM but afair it is processed before APM.Any ideas anyone?&nbsp;&nbsp;

dario_garrido · Answer

Hello&nbsp;roracz1,
There is a way to intercept the traffic inside of the VPN tunnel when is established. To do so, you need to configure a new VS listening in any (0.0.0.0/0) or just some specific destinations where they are using the connection profile in the vlan allowed section.
Never tried before, but you should try to modify the SNAT in those new VS (that are listening in different destinations).
Anyway, let me know if it's helpful.
&nbsp;

Forum Discussion

APM SSL VPN: SNAT based on destination IP

1 Reply

Recent Discussions

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

SMS server with BIGIP

Related Content

Destination Based Routing

Destination address at F5

SSL VPN Split Tunneling and Office 365

Crafting Secure Paths: The Intricacies of VPN Solutions on BIG-IP APM

Cookie-based DDoS protection