Is it possible to disable NAT selectively

Question

I.e.&nbsp;
If applied to a IP forward VIP, is it possible to selectively no-NAT via an iRule, similar to the following:&nbsp;
when CLIENT_ACCEPTED {
snat none
}&nbsp;
Or does this iRule statement also remove the NATs with the presence of "snat none"?&nbsp;
Thanks.&nbsp;

jrahm · Answer

you can be more selective than just the event itself, limiting to particular subnets or host. Details on snat behavior from iRules from the snat command page in the iRules wiki:&nbsp;

Causes the system to assign the specified source address to the serverside connection(s). The assignment is valid for the duration of the clientside connection or until 'snat none' is called. The iRule SNAT command overrides the SNAT configuration of the virtual server or a SNAT pool. It does not override the 'Allow SNAT' setting of a pool.&nbsp;

stephanmanthey · Answer

The answer regarding enabling/disabling the destination NAT can be found here:
https://clouddocs.f5.com/api/irules/translate.html&nbsp;

Forum Discussion

Is it possible to disable NAT selectively

2 Replies

Recent Discussions

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Enabling AVR and creating Profiles

Get associated pool name from VIP IP using F5-LTM

Disacard SSL::cert mode to ignore when default SSLClient profile is set to request or require

About custome Response Blocking Page

Related Content

Disabling Weak Ciphers

User roles per partition: are multiple possible?

disable http retry

behavior of SSL::disable serverside

Modify vCMP-Guest with ansible not possible?