prabhat_73172
Jan 18, 2011 | Nimbostratus
Now the iRule is working as expected, but when the traffic gets routed directly to the internet_pool, it can't connect. There is only one member in that pool, which is basically the firewall.
When LTM sends traffic directly to the firewall, it appears the source IP is that of the device (laptops) and the firewall doesn't like it and drops packets after the initial handshake.
The traffic going via proxy_pool hits the proxy and gets routed back to LTM on the way to the internet since proxy nodes don't have direct access to the internet.
And in this case, when LTM passes the outgoing traffic that it got from the proxy nodes to the firewall, the source IP is that of the proxy, and the firewall allows it.
So somehow we need to use SNAT so that the packets going directly to the firewall from LTM use the address of the proxy IP. But we're not sure how to achieve that. We tried several ways, but none worked.
Any help would be greatly appreciated.