Snat irule based on client destination ip failing
Hi all,
On LB (version 11.4.1) I have the below simplified config. On my backend server I do:
telnet 60.60.60.60 80
On my LB:
tail -f /var/log/ltm
Oct 16 15:02:56 lb-00 info tmm1[10802]: Rule /Common/rr_snat_irule : CLient Connected: local_addr IP address = 60.60.60.60
Oct 16 15:02:56 lb-00 info tmm1[10802]: Rule /Common/rr_snat_irule : No snat required

==== simplified config =========
ltm data-group internal /Common/DG2 {
    records {
        50.50.50.0/24 {
            data net2
        }
        60.60.60.0/24 {
            data net1
        }
    }
    type ip
}
ltm rule /Common/rr_snat_irule {
    when CLIENT_ACCEPTED {
        log local0. "CLient Connected: local_addr IP address = [IP::local_addr]"
        if {[class match [IP::client_addr] equals DG2 ]} {
            log local0. "use snat ip 1.1.1.1"
        } else {
            log local0. "No snat required"
        }
    }
}
ltm virtual /Common/snat_out_vs_80 {
    destination /Common/0.0.0.0:80
    ip-protocol tcp
    mask any
    profiles {
        /Common/tcp { }
    }
    rules {
        /Common/rr_snat_irule
    }
    source 0.0.0.0/0
    translate-address disabled
    translate-port disabled
    vlans {
        /Common/TRAFFIC
    }
    vlans-enabled
}
Any insight will be appreciated.
/Farid