Forum Discussion
hi Yasir, i would like to remind you to check the default gateway on your web servers. make sure those are set correctly.
- janholtzMay 11, 2018Altostratus
Default gateway should have no bearing if we are using SNAT.
IF:
1) Client can connect to virtual server
2) F5 can connect to back-end hosts.
We should only need correct SNAT, and we'll be happy.
Some caveats for condition 2:
Remember that when you telnet / curl from the LTM command line, it will ALWAYS use non-floating IP address to get to the back-ends.
When you use a client machine, and hit the virtual server with SNAT automap, it will ALWAYS try to use the floating ip address to it's internal VLAN (if assigned), and THEN non-floating.
ALL of the above are predicated on the premise that NONE of the traffic is trying to go / get to / from the management interface, in which case all bets are off and reality is guaranteed to get distorted.
DO NOT use the management IP / interface for anything besides management. It will not work... you will make yourself unhappy.
//Jan
- Andy_304337Nov 11, 2018Cirrus
Hi Yasir
You can try this command to see if your client ip is hitting snat and/or vip.
Tmsh show sys coonection | grep [client ip]
The snat ip wud generally be on 2nd column & vip be on 3rd or 4th column.
Let us know the result.