Forum Discussion

Tabish_Patel_20's avatar
Tabish_Patel_20
Icon for Nimbostratus rankNimbostratus
Jun 09, 2015

Need to bypass SNAT for internal IPs

I have configured SNAT towards the Public Network for 2 local servers whose GW is the F5 BIG-IP itself.

 

IPs of servers : 192.168.10.1 & 192.168.10.2 GW : 192.168.10.254/24 (configured on BIG-IP) SNAT IP : 77.240.x.x

 

Now when the servers 192.168.10.1 & 192.168.10.2 need to communicate to 192.168.20.1 in the local network, it’s taking the NATed IP 77.240.x.x which is blocked through FWs in the network due to restrictions and will cause asymmetrical routing. I need to bypass the SNAT if matched with certain IP networks with an iRULE. Please suggest how and what needs to be done. If anyone have any sample iRULE or document that can help, it will be really helpful.

 

7 Replies

  • IPs of servers : 192.168.10.1 & 192.168.10.2

     

    GW : 192.168.10.254/24 (configured on BIG-IP)

     

    SNAT IP : 77.240.x.x

     

    how is snat configured on bigip? are you using snat list?

     

    Now when the servers 192.168.10.1 & 192.168.10.2 need to communicate to 192.168.20.1 in the local network

     

    what object listener are you using? is it virtual server or snat list?

     

  • IPs of servers : 192.168.10.1 & 192.168.10.2

     

    GW : 192.168.10.254/24 (configured on BIG-IP)

     

    SNAT IP : 77.240.x.x

     

    how is snat configured on bigip? are you using snat list?

     

    Now when the servers 192.168.10.1 & 192.168.10.2 need to communicate to 192.168.20.1 in the local network

     

    what object listener are you using? is it virtual server or snat list?