Forum Discussion
aj1
Mar 06, 2015Nimbostratus
Thank you, that worked ! I can see the logs for anything outbound initiated from one of the load balanced hosts. However, when i try to verify the same using "tmsh show /sys connection cs-client-addr ", i see nothing. We have a mail server connecting to google's mail servers, and i can see a log entry for that connection but nothing in bigip's connection table. Not sure if this has something to do with the fastl4 profile on the wildcard forwarding vserver.
iRule:
when CLIENT_ACCEPTED {
if { [class match -- [IP::local_addr] equals onCampus_networks] } {
set is_snat 0
log local0. "IF. Client is [IP::client_addr]:[TCP::client_port]. Destination address is [IP::local_addr]:[TCP::local_port]. No SNAT"
snat none
}
elseif { [class match -- [IP::client_addr] equals /Systems/smtp_nodes] } {
set is_snat 1
log local0. "ELSE IF. Client is [IP::client_addr]:[TCP::client_port]. Destination address is [IP::local_addr]:[TCP::local_port]. SNAT"
snat 198.82.215.225
} else {
set is_snat 1
log local0. "ELSE. Client is [IP::client_addr]:[TCP::client_port]. Destination address is [IP::local_addr]:[TCP::local_port]. SNAT"
snatpool snat_pool
}
}
when SERVER_CONNECTED {
if { $is_snat } {
log local0. "Client [IP::client_addr]:[TCP::client_port] SNAT'ed to [IP::local_addr]: [TCP::local_port] connecting to [IP::remote_addr]:[TCP::remote_port]"
}
}
Is there something fundamental i'm missing here?
Thanks.