iControl SNAT Pool list vs Web interface
I am trying to list the SNAT pools on an LTM via iControl and the list of pools is different from the SNAT Pool List on the BIG-IP web interface. I am using the following code: $user = 'myuser' $password = 'mypass' $F5 = 'MyF5' ------------------------------------------------------------------------- function Do-Initialize() ------------------------------------------------------------------------- { if ( (Get-PSSnapin | Where-Object { $_.Name -eq "iControlSnapIn"}) -eq $null ) { Add-PSSnapIn iControlSnapIn } $success = Initialize-F5.iControl -HostName $F5 -Username $User -Password $password; } $SNATPools = (Get-F5.iControl).LocalLBSNATPool.get_list() -replace '/Common/','' ForEach($pool in $SNATPools){ $poolmembers = (Get-F5.iControl).LocalLBSNATPool.get_member($pool) ForEach($member in $poolmembers){ "$pool," + ($member -join ",") } } This provides 2 SNAT Pools. The web interface lists 30 and they don't include the two that come back from the PowerShell script. I know I must be missing something, but I can't determine what I'm not doing right. Thanks in advance! Hank222Views0likes1CommentSnatpool and Pool Selction based on URI
Hi Guys, Stuck here, been trying to work out an irule, for snatpool and pool selection based on a uri We have an existing irule which works on another environment (like for like) however on the new enviroment for some reason it does not work, we have a url we connect to, then by clicking on a tab it should redirect us to another pool based on the uri we selected, but just times out and say refused to connect. This is the irule: I had configured the logging commands and it states it does not match the uri, however this same irule works on the old environment going to the same uri when HTTP_REQUEST { HTTP::header remove sm_user if { [string tolower [HTTP::uri]] starts_with "/dn" } { pool AC } else { SSL::disable serverside HTTP::header insert WL-Proxy-SSL true pool AC-A } }506Views0likes8CommentsSnatpool
Hi Experts, We have 2 vlans A and B, configured with wildcard virtual server to access outbound internet. However, both the wildcard virtual servers use the same snatpool, as below. snatpool snpab { members { 203.36.2.10 203.36.2.11 }} Problem: Users with servers in vlans A and B, are having intermittent internet access issues. Sometime internet works other times it does not/times out. Also, weirdly when trying to access yahoo, request gets redirected to its brazilian site. Any ideas would be of great help. thanks -genseek260Views0likes4CommentsStrange SNAT IP address behaviour
Hello everyone, Recently we've discovered a weird behaviour on our BIG-IP system. We are currently running version 11.5.1 on an 8950 Active/Passive HA pair. We have detected that a couple of servers, due to misconfiguration, are generating UDP traffic to port 1002 of an SNAT IP address which belongs to a SNAT Pool. Our BIG-IP is bouncing that traffic back to the network simply changing source an destination MAC address on the ethernet header. You can see it on the following screenshots: Is this an expected behaviour? Shouldn't F5 just drop this traffic? As additional info: the VS to which this SNAT Pool belongs is configured for port 80 HTTP. Thank you very much in advance for your answers. Best regards, Carlos488Views0likes9CommentsSNAT pool address removal
Hi Community I have a quick question - after removing particular IP address from the SNAT pool used on the Virtual Server - are active connections between lb and back-end servers are going to be interrupted (dropped) or LTM will let tcp connections expire? Thank you in advance. MichalSolved638Views0likes2Comments