Spidey_29396
May 09, 2013Nimbostratus
F5 as NAT device
HI All,
we have a deployment where F5 will be use as NAT device to replace a router. Im thinking what is the best practice for this, use route domain of just use vlan?
Thanks!
Ferdz
HI All,
we have a deployment where F5 will be use as NAT device to replace a router. Im thinking what is the best practice for this, use route domain of just use vlan?
Thanks!
Ferdz
The reason why we need to NAT IP addresses because of the conflicting IPs,
Here's the flow
Company A <> Router Company A <> F5 <> Router Compny B <> Company B
Thanks!
Ferdz
The reason why we need to NAT IP addresses because of the conflicting IPs, we are currently replacing a Cisco router using an F5.
Here some snapshots from NAT Router:
ip nat pool SUN1 172.26.0.2 172.26.31.254 netmask 255.255.224.0
ip nat inside source list 11 pool SUN1
access-list 11 permit 10.19.0.0 0.0.31.255
ip nat inside source static 10.157.8.84 172.26.210.84
ip nat outside source static 10.103.33.11 10.171.14.111
Here's the flow
Company A <> Router Company A <> F5 <> Router Compny B <> Company B
Thanks!
Ferdz
Origin:
10.19.0.0/19
Translation:
172.26.0.2 -172.26.31.254
Origin: 10.19.0.0/19
Translation: 172.26.0.2 -172.26.31.254
Does that meet your needs?
Is f5 NAT bi-directional? For example,
Origin:10.157.8.84
NAT: 172.26.210.84
Can i initiate traffic to 172.26.210.84?
Also,in the snat u gave? What are the ways i can initiate thru the snat ip addresses?
Regarding the SNAT, you would need two as you have now, one for each direction and only one side could initiate; no different to how it would work on the Cisco router.
Thanks for the help.I will be testing it on our lab setup before going to live migration.
Thanks!
Ferdz