APM Automap inside Network Access VPN SSL which has NONE as SNAT Pool
Hello folks:
I have one APM v14.1.2 which is establishing VPN SSL tunnels. I am using the IPv4 lease pool segment 172.16.20.2 - 172.16.20.253. Such IPv4 segment is routed to reach some other segments in my network. Therefore, I am using None as the SNAT pool option in Access ›› Connectivity / VPN : Network Access (VPN) : Network Access Lists ›› vpn_for_me. As a result, every time a user connects via VPN, he uses one IP from the 172.16.20.X to reach other network segments. However, I need that the user utilises a Self IP or a SNAT pool to reach a specific server 10.10.10.10. In other words, I need to continue having such SNAT Pool NONE, but I need a SNAT Pool if the destination is a specific server. I am testing with an iRule event agent located before the Advanced Resource Assing agent, but I have not succeeded. Here's the iRule I am using:
when ACCESS_POLICY_AGENT_EVENT {
if {([ACCESS::policy agent_id] eq "snat_inside_vpn") and ([IP::addr [IP::remote_addr] equals 10.1.20.17])} {
snat automap
}
}
Thanks in advance.
OL