Cannot disable snat in iApps
Hi, I have recently stuck with an issue on LTM which seems odd. When I set Source Address Translation to None in normal VIPs, client addresses get to the servers just fine but when I do the same thing for VIPs which I have created using iApp templates with the same configuration, client addresses keep getting translated to the inside interface IP of the LTM. It seems really strange to me because the procedure I take to disable the snat for both of them is the same but I get different result. I will paste the configuration of both here and I will appreciate if someone can help me about this. ===Virtual Setup : without-iapp_vs=== ltm virtual without-iapp_vs { destination 192.168.10.60:http ip-protocol tcp mask 255.255.255.255 pool without-iapp_pool profiles { tcp { } } security-log-profiles { "Log all requests" } source 0.0.0.0/0 translate-address enabled translate-port enabled vs-index 17 } ===Pool Setup : without-iapp_pool=== ltm pool without-iapp_pool { members { 172.16.187.2:http { address 172.16.187.2 session monitor-enabled state up } } monitor http-80 ===Virtual Setup : with-iapp.app/with-iapp_redir_vs=== ltm virtual with-iapp.app/with-iapp_redir_vs { app-service /Common/with-iapp.app/with-iapp destination 192.168.10.42:http ip-protocol tcp mask 255.255.255.255 profiles { with-iapp.app/with-iapp_f5-tcp-lan { context serverside } with-iapp.app/with-iapp_f5-tcp-wan { context clientside } http { } } rules { _sys_https_redirect } source 0.0.0.0/0 translate-address enabled translate-port enabled vs-index 92 } ===Pool Setup : none=== ===Virtual Setup : with-iapp.app/with-iapp_vs=== ltm virtual with-iapp.app/with-iapp_vs { app-service /Common/with-iapp.app/with-iapp destination 192.168.10.42:https fallback-persistence with-iapp.app/with-iapp_source-addr-persistence fallback-persistence-type source-address ip-protocol tcp mask 255.255.255.255 persist { with-iapp.app/with-iapp_cookie-persistence { default yes } } policies { with-iapp.app/with-iapp_policy { } } pool with-iapp.app/with-iapp_pool profiles { with-iapp.app/ASM_with-iapp_policy { } with-iapp.app/with-iapp_client-ssl { context clientside } with-iapp.app/with-iapp_f5-tcp-lan { context serverside } with-iapp.app/with-iapp_f5-tcp-wan { context clientside } with-iapp.app/with-iapp_http { } with-iapp.app/with-iapp_oneconnect { } with-iapp.app/with-iapp_optimized-caching { } with-iapp.app/with-iapp_server-ssl { context serverside } with-iapp.app/with-iapp_wan-optimized-compression { } websecurity { } } security-log-profiles { "Log illegal requests" } source 0.0.0.0/0 translate-address enabled translate-port enabled vs-index 93 } ===Pool Setup : with-iapp.app/with-iapp_pool=== ltm pool with-iapp.app/with-iapp_pool { allow-snat no app-service /Common/with-iapp.app/with-iapp load-balancing-mode least-connections-member members { 172.16.37.27:https { address 172.16.37.27 app-service /Common/with-iapp.app/with-iapp session monitor-enabled state up } } monitor https_443 slow-ramp-time 300