Problem NAT

Question

Hi ALL&nbsp;&nbsp;
&nbsp;I'm facing problem the NAT on F5 ( LTM)&nbsp;&nbsp;
My network :&nbsp;&nbsp;
Server-----FW--------              ------Line internet2&nbsp;
                               F5(LTM)  ------line internet 1&nbsp;
&nbsp;50(Users)------FW---------             ------line internet 3&nbsp;&nbsp;
&nbsp;- I haved config Virtual servers to publish some servers to internet&nbsp;
&nbsp;-Default GW Pool 
&nbsp;- I have config to users to access the internet&nbsp;
&nbsp;   LTM--Virtual servers:&nbsp;
&nbsp;            -Destination:0.0.0.0/0.0.0.0
&nbsp;            -Type: Performance Layer4
&nbsp;            -Vlan : internal&nbsp;
             -SNAT Pool:automap
&nbsp;               &nbsp;

&nbsp;But I have problem the users access to internet , it work some times (about 20 min) then so users can not access internet , it times  at pc of users can not ping 8.8.8.8 , but on F5 then ping 8.8.8.8 ok and F5 can not NAT source users&nbsp;
&nbsp;so I guess on F5 have problem NAT&nbsp;&nbsp;
Could you PLS help me !&nbsp;
Many thanks&nbsp;&nbsp;

&nbsp; &nbsp;
 &nbsp;

&nbsp; &nbsp;

&nbsp; &nbsp;
 &nbsp;

&nbsp;

&nbsp; &nbsp;

nitass · Answer

it work some times (about 20 min) then so users can not access internet , it times  at pc of users can not ping 8.8.8.8 , but on F5 then ping 8.8.8.8 ok and F5 can not NAT source userswhen problem happens, can you try to run tcpdump on f5 to see what is going on? 
&nbsp;  
&nbsp; to screen 
&nbsp;  tcpdump -nni 0.0 host 8.8.8.8 and icmp 
&nbsp;  
&nbsp; to file 
&nbsp;  tcpdump -nni 0.0:nnn -s0 -w /var/tmp/output.pcap host 8.8.8.8 and icmp

techgeeeg · Answer

Hi Hung, 
&nbsp; In you wildcard VS which is the performance layer 4 VS in the Advance config have you selected "for all traffic" instead of "tcp" or "udp" I think you still have it set to TCP or UDP. change it and it should start working perfectly fine. Also for the NAT its not going to work as per your expectations as you have the wild card server. You have to have some iRules and SNAT's &amp; VS pair created to make it work.  
&nbsp; It is really strange but NAT the simplest thing in the network world works very differently with F5. They seriously have to look into it. 
&nbsp;  
&nbsp; Regards,

Forum Discussion

Problem NAT

2 Replies

Recent Discussions

Client certificate Authentication - open multiple tabs

google autenticator broken barcode

Chrome V 124+ on MacOS - Virtual Server Access Issue

vulnerabilities (CVE-2020-36363), CVE-2016-0736,CVE-2019-6593-FOR VERSION BIGIP LTM-16.1.4

Port Group on F5OS network setting

Related Content

Remove subnet from NAT pools without any impact

Source_Addr Persistence Problems

Problem about Export imformation to Excel

C3D first request problem

Bulk Nat Creation