Leveraging the LOGs and considering that perhaps my logic is bad (that is, the SNAT may not be failing, but actually just not applying to the condition I set, because the remote_addr variable I am expecting is ACTUALLY something different), I set up this rule:
when LB_SELECTED {
if {[IP::addr [IP::client_addr] equals "192.168.1.1"]} {
log "remote_addr: [IP::remote_addr]"
log "local_addr: [IP::local_addr]"
log "client_addr: [IP::client_addr]"
log "server_addr: [IP::server_addr]"
}
}
Where I am coming from 192.168.1.1, what I see in the LOG is:
Rule test_snat : remote_addr: 192.168.1.1
Rule test_snat : local_addr: 192.168.201.100
Rule test_snat : client_addr: 192.168.1.1
TCL error: Rule test_snat - Error: No serverside connection established (line 5) invoked from within "IP::server_addr"
Any reason why nothing is coming back for IP::server_addr? Per discussion thread 4284 (where I picked up these 4 variables), I would have expected the server_addr to be my pool member.
Incidentally, the session does not connect with this rule applied.
I am thinking the issue now, the reason it is still SNATing, is it is not actually falling under the logic.
This is where discussion thread 4686 essentially leaves off...
agh!!
Help appreciated.