Forum Discussion
aj1
Mar 03, 2015Nimbostratus
Thank you for the reply.I do have a wildcard forwarding server that uses the snat pool, not sure how that affects this.
[admin@isb-alb-c1:/S1-green-P:Active:Standalone] ~ tmsh list /ltm snat
[admin@isb-alb-c1:/S1-green-P:Active:Standalone] ~
Used "snat none" in the rule instead of the "pool $default_pool" statement. Still seeing snat happening either way though, same subnet or not. The same logs as before. Can verify the same from the connection table.
Something that was different this time were the connection table records for the 125.171.11.108 client. No snat in the first record (expected), but snat in the second record.
show /sys connection cs-client-addr 125.171.11.108
Sys::Connections
125.171.11.108:41521 198.82.183.114:389 125.171.11.108:41521 172.16.18.24:10389 tcp 1198 (slot/tmm: 1/0) none
125.171.11.108:43228 198.82.183.114:389 198.82.214.125:43228 172.16.19.24:10389 tcp 992 (slot/tmm: 1/1) none
Total records returned: 2
- Mar 03, 2015Hi aj, it will not be necessary to have multiple data-groups. You can put all network ranges into a single data-group and please make sure to include all client networks (currently the 125.171.11.0/24 is not covered). This might cause the problem. Thanks, Stephan
- aj1Mar 17, 2015NimbostratusYes, having every subnet in just one data-group worked ! I guess i had a different idea as to how the irule works and therefore split the two subnets into two data-groups. Thank you Stephan.