SNAT Issue

Question

Hi Guys,&nbsp;
I have an issue in translating the Client Source address to internal node IP Subnet in the F5. Could you please provide some clear idea on how snat works.&nbsp;
Regards&nbsp;

patrik_jonsson · Answer

There are multiple ways of translating IP's.
If all you want is to translate incoming client source IP's on a particular virtual server I'd recommend using a SNAT pool.&nbsp;
To use a SNAT pool on a virtual server:&nbsp;
Go to the virtual server config page.Change Source Address Translation from "None" to automap, or a custom SNAT Pool that you've create yourself. 
Note that if you create a SNAT pool yourself it should contain at least one IP in the subnet facing the member servers.&nbsp;
/Patrik&nbsp;

patrik_jonsson · Answer

Hi!&nbsp;
Try enabling SNAT automap first and see if that works.&nbsp;
I have never setup load balancing for Lync myself but I've heard that it can be a bit tricky. Some Microsoft services are using kerberos SSO as authentication and then they might not accept that you NAT the incoming packets unless you have allowed the server to authenticate sessions for users (something like a proxy). I believe you have to configure an "SPN record" in the domain controller in that case.&nbsp;
/Patrik&nbsp;

patrik_jonsson · Answer

Have you tried iApps?&nbsp;
Here's one for Lync 2010 and 2013:
https://devcentral.f5.com/wiki/iapp.Microsoft-Lync-Server-2010-Updated-iApp.ashx&nbsp;
/Patrik&nbsp;

Forum Discussion

SNAT Issue

3 Replies

Recent Discussions

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Related Content

Regex issue

SNAT IP address logging

SNAT pool persistence

F5 GTM resolution issue

Irule Example Issue