Although the link you provide is a valid and helpful configuration for some scenarios, I don't believe it helps with what you're trying to do.
The scenario outlined on that blog talks about determining which SNAT address (of two available) to use based on the origin IP of the connection. In both cases, though, the BIG-IP still does SNAT, and the receive connector has to be configured to accept connections from the SNATed addresses.
In general, the two approaches you have are:
1) Disable SNAT, so the source IP is still seen to be the original IP of the sender(s). You tried this and were not able to connect at all anymore, even via telnet, which shows that your Hub servers don't have a route back to the origin via the BIG-IP. If you fix the routing, this solution should work (the BIG-IP essentially works as a "smart router" in this scenario).
2) Keep SNAT enabled, but make sure your receive connector can accept connections from the address(es) the BIG-IP is using for SNAT. This will either be one of the self IP addresses, or addresses you define explicitly in a SNAT pool. To confirm which addresses are being used for SNAT, you could do a Wireshark/tcpdump/Netmon capture on the Hub servers to check the source(s) of the connections. To make the captures easier to read, you can disable monitoring first--monitors will always come from the self IP of the BIG-IP, whereas the SNATed connections may come from some other address. You want to make sure you're looking only at addresses from legitimate source "clients".
If none of that works, please let us know the case you open, and I'll take a closer look at your details.