10-Aug-2022 01:26
Hi, I am new to F5 and I am trying to set up an SSL VPN solution that seems to be very simple. I am using an AWS Marketplace LTM BIG-IP VE instance in a single-NIC configuration; the BIG-IP self IP is on the 172.16.0.0/16 network. I have configured the SSL VPN to use an address pool lease of 10.230.230.0/24 in "pass all traffic via BIG-IP" mode, so I am expecting to access the internet via the BIG-IP external IP (Elastic IP) and access internal resources via the 10.230.230.0/24 network. But in my case all traffic is going out to internal resources via the BIG-IP self IP (172.16.0.0/16) and not via the client's leased IP, for example (10.230.230.2). Is there a way to set the SSL VPN clients' source IP as their leased IP?
10-Aug-2022 07:24
Set the SNAT Pool setting in your Network Access List from AutoMap to None. Correct routing for the lease pool IP addresses must be configured with this setup.
10-Aug-2022 08:57
SNAT pool configured to None.
Routing configured on the AWS route table associated with the BIG-IP instance.
On the BIG-IP itself I configured the default route 0.0.0.0 to the AWS VPC default gateway, in my case 172.16.1.1.
This config works as expected, but I don't have internet access when selecting the "Force all traffic through tunnel" option. Only internal resources are available.