That rule looks like it should work to disable SNAT for the specific IP addresses. I'm not sure whether you need to specify to forward if it's already attached to a FastL4 virtual server.
Are client connections being reset, timing out, or completing; but with the source address translated?
If you wanted, you could create a datagroup (class), with your source IP addresses:
class no_snat_addresses {
network 10.10.10.0 netmask 255.255.255.0
host 10.11.0.10
}
when CLIENT_ACCEPTED {
if { [matchclass [IP::remote_addr] equals $::no_snat_addresses] }{
snat none
}
}
Aaron
Nimbostratus
