Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

how to set sslvpn clients external ip same as address pool leased ip and not using bigip self ip

vadim
Nimbostratus
Nimbostratus

‎10-Aug-2022 01:26

hi i am new to F5 and i am trying to setup sslvpn solution that seems to be very simple i am using aws marketplace ltm bigip ve instance single nic configuration, bigip selfip is of 172.16.0.0/16 network. now i have configured sslvpn to use address pool lease of 10.230.230.0/24 in pass all trffic via bigip mode so i am expecting access internet via bigip external ip (elastic ip) and access internal resources via 10.230.230.0/24 network but in my case all traffic getting out to internal resources via bigip self ip (172.16.0.0/16) and not via clients leased ip for example (10.230.230.2) is there a way to set sslvpn clients source ip as there leased ip?

Labels:
0 Kudos
2 REPLIES 2

Juergen_Mang
MVP
MVP

‎10-Aug-2022 07:24

Set the SNAT Pool Setting in your Network Access List from AutoMap to None. Correct routing for the lease pool ip addresses must be configured with this setup.

0 Kudos

vadim
Nimbostratus
Nimbostratus
In response to Juergen_Mang

‎10-Aug-2022 08:57

snat pool configured to none

routing configured on aws route table assosiated to bigip instance

on bigip itself i configured default route 0.0.0.0 to aws vpc default gateway in my case 172.16.1.1

this config works as expected, but i dont have insternet access when selecting Force all traffic through tunnel
option. only internal resources availble

0 Kudos
Copyright © 2023 Khoros, LLC