F5 BIG-IP - Apply SNAT To Client Subnet or IP
F5 BIG-IP - Apply SNAT To Client Subnet or IP
F5 BIG-IP - Apply SNAT To Client Subnet or IP
Home » F5 BIG-IP » F5 BIG-IP – Apply SNAT to client subnet or IP SUBSCRIBE RSS OR EMAIL
← Previous Next →
RSS Reader
Email subscription Ok
F5 BIG-IP – Apply SNAT to client subnet or IP
Posted on August 17, 2017 RECENT POSTS
These are the steps (im using BIG IP v13)… Exchange – Update to fix
escala on privilege vulnerability
C ATEGORIES
Apache
Checkpoint FW
Excel
Exchange
F5 BIG-IP
Home Server
HW
Icinga
Ironport
Linux
Lync
Nagios
O opic
Outlook
Powershell
Raspberry
Security
Sysadmin
VMWare
Assign name and iP(s) to use as translated source IP
Windows
Create IRULE
Assign name and set the following code (in red my own example values. Replace them with yours)
when CLIENT_ACCEPTED {
log local0. "client:"
if { [IP::client_addr] contains "192.168.190." } {
pool POOL_EXCHANGE
snatpool SNAT_POOL_LAN
}
}
Local Traffic – Virtual Servers – Virtual Server List – <Select VS> – Resources
The ouput shows: <original client IP> <virtual server IP> <translated client IP> <server IP>
As you can see, when the client IP does not contain “192.168.190.”, the IP is not translated.
However, the “192.168.190.126” client IP was translated to the one defined in the SNAT pool (192.168.190.250).
This entry was posted in F5 BIG-IP and tagged bigip, F5, howto, nat, TCP/IP by Sysadmin SomoIT. Bookmark the permalink.
Leave a Reply
Your email address will not be published. Required fields are marked *
Comment
Name *
Email *
Website
Post Comment
SomoIT 2019