IRONMAN
May 09, 2019Cirrostratus
SNAT for outbound connections from members to internet and intranet
Any one confirm please , below irule will give me this solution?
SNAT for outbound connections from members to internet and intranet members IP range: 172.0.0.0 single vip with IP 192.0.0.5
So members can access the internet via same vip to internet and intranet? Actually i dont understand how this taking applying for only outbound connections?
{ when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] equals 172.0.0.0] }
{ snatpool xxxx }
elseif
{ snat none }
}
}
Hi Ironman,
You could create a forwarding virtual server with a destination IP:port of 0.0.0.0:0 with a source of 172.0.0.0/8 enabled on the VLAN that the clients are connecting into the BIG-IP on. You could enable your SNAT pool on the virtual server.
This should work without an iRule.
Aaron