Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

it is possible to use floating ip to communication to internet



Hello I wold like to ask if is it is posible to do something like:

I have application which is running on port 80&443,  but I would like to use same IP used in virtual server for comunucation from BE server to the internet, from other port but on same public IP, IP address is floating is it possible to do so? 

thank you



@Roman_ What I understand is that you have a server that is the source of communication and you want it to be able to reach out to the internet using the floating IP in an HA pair of F5 BIG-IP LTM? You can configure a forwarding virtual server and then apply an iRule to it that specifies specific sources and any destination outside of your network and then for it to SNAT from a snat pool, in that snat pool you configure the floating IP, and finally in the iRule you created you put in this snat pool IP for SNAT under the specific traffic that you defined. I believe something similar to the following would work for you when applied to your forwarding virtual server.

when CLIENT_ACCEPTED priority 500 {

    if { [class match [IP::addr [IP::client_addr] == CLASS-Source-IPs]] } {
        if { [class match [IP::addr [IP::remote_addr] contains CLASS-Internal-IPs]] } {
        } else {
            snatpool SNAT_FloatingIP


The CLASS labeled as CLASS-Source-IP should have the specific sources in question, the one labeled CLASS-Internal-IPs will have internal destinations that you would be reaching out to that you wouldn't want to SNAT the traffic, and finally the SNAT pool list labeled SNAT_FloatingIP would have the floating IP configured in it.

@Paulius thank you for your answer, but then what shoulbe be set as gateway or "proxy" on specific backend server to reach out internet? any pool or other virtual server with internal adress and port?

@Roman_ This is definitely assuming your F5 is in path and is the gateway out for the source IP device.

@Paulius  Unfortunettley no, for now it is just reverse proxing external facing application. I was assuming to create virtual server which will listen on internal(also floating) IP which will be called by backend application which need to connet to interent using specific public IP (yousing your suggestion with forward virtual server). But I dont know which profiles needs to be asigned to this server with internal IP.

thank you again