Forum Discussion
gsharri
Oct 07, 2014Altostratus
It is possible to have the source address of node initiated outbound traffic appear to come from a vip . You will need to translate the server (node) source address to the vip on the way out. Nodes are not allowed, by default, to initiate connections out through the bigip.
One way to allow this create a snat where the translation address=vip and address list includes the servers source IP. Enable the snat on the source vlan only (the vlan where the server's outbound connection originates).
Another method which allows outbound connections is the forwarding (ip) virtual server type. You will need a snat pool that contains the vip address. Assign that to the fwd(ip) VS. The fwd virtual allows you to control the destination to which the traffic is allowed and you could use iRules to perform more selective traffic processing. Again enable the fwd VS only on the vlan where the nodes connection is originating.