SNAT problem, caused by oneconnect?

Is there a known problem with oneconnect and SNAT iRules?

I have to set a special SNAT adress for requests from some special users.

The iRule looks like this:

when CLIENT_ACCEPTED {         
  switch [IP::client_addr] { 
    ??.??.??.??/?? {
      snatpool SNAT_PENTESTER
    } 
    default {
       Default usage of SNAT Automap
      snat automap 
    } 
  } 
}

This works sometimes, sometimes not. We didn't found a reason, why the LTM sometimes uses the SNAT iRule and sometimes not. The VS uses a oneconnect profile. Could this be a reason for this confusing reaction?

Any help welcome!