Configuring SMTP behind F5 - role of SNAT

Question

I am configuring our SMTP servers (mostly outbound) behind our Big IP LTM.&nbsp;
So far I have created the nodes, pool for those nodes but am having a challenge with SNAT.&nbsp;
We have 3 internal ip addresses that need to map to a single external source NAT when going outbound - or inbound for that matter.&nbsp;
I have created the SNAT pool list that maps the single external address to the 4 internal addresses, but am missing how I associate this to the virtual server I created. Does it need to be a rule?&nbsp;

brad_parker · Answer

You could either do it with a SNAT list or by selecting the SNAT pool you create in the "Source Address Translation" drop down of the virtual server your outbound traffic would be going through. This could be a wilcard forwarding IP VS that is configured with the source addresses in CIDR notation of your IPs you are wanting to SNAT.

cammy_178041 · Answer

Hi Brad&nbsp;
Thanks for your response.  I had a snat list so removed it and tried adding a snat pool list, but I am getting an error stating one of the SNAT addresses is being used by a pool member. Why would this be giving me an error? My pool members are all on our internal network - hence the desire to SNAT them to an external address.&nbsp;
I would prefer not to wildcard as this LTM is being used for HTTP LB as well as SMTP LB and all the pool members and VSes are on the same internal network.  &nbsp;

Forum Discussion

Configuring SMTP behind F5 - role of SNAT

2 Replies

Recent Discussions

vulnerabilities-CVE-2020-16150 & CVE-2013-0169

google autenticator broken barcode

Error while running ansible

ASM instance creation

[ASM] - what is "Browser Challange file" ?

Related Content

SMTP Smugglers Blues

SMTP Proxy

What is SMTP Smuggling and how can you deal with it?

SMTP Traffic Forward to M365 on Port 587

Certificate Expiry Email alert configuration