Source NAT not working
Hi,
I am newbie to F5 config!
I was trying to setup a test url using this config.
root@(ltm)(cfg-sync Standalone)(Active)(/Common)(tmos) list ltm virtual internal.com
ltm virtual internal.com {
destination 10.10.44.21:http
ip-protocol tcp
mask 255.255.255.255
pool internal.com
profiles {
tcp { }
}
source 0.0.0.0/0
source-address-translation {
pool NAT_INTERNAL
type snat
}
vs-index 13
}
root@(ltm)(cfg-sync Standalone)(Active)(/Common)(tmos) list ltm snatpool NAT_INTERNAL
ltm snatpool NAT_INTERNAL {
members {
10.10.44.10
10.10.44.11
10.10.44.12
10.10.44.13
10.10.44.14
10.10.44.15
}
}
root@(ltm)(cfg-sync Standalone)(Active)(/Common)(tmos) list net route
root@(ltm)(cfg-sync Standalone)(Active)(/Common)(tmos)
root@(ltm)(cfg-sync Standalone)(Active)(/Common)(tmos) list sys management-ip
sys management-ip 10.10.19.78/24 { }
root@(ltm)(cfg-sync Standalone)(Active)(/Common)(tmos)
When I do a packet capture at the backend server, I see that the packets are sourced from the F5 LTM management IP address to the real servers , but not from the NAT pool.
*13:34:05.336990 IP 10.10.24.50.80 > 10.10.19.78.45215: Flags [.], ack 10, win 114, options [nop,nop,TS val 132330038 ecr 3727660834], length 0
13:34:05.338525 IP 10.10.24.50.80 > 10.10.19.78.45215: Flags [.], seq 1:2897, ack 10, win 114, options [nop,nop,TS val 132330039 ecr 3727660834], length 2896
13:34:05.338541 IP 10.10.24.50.80 > 10.10.19.78.45215: Flags [.], seq 2897:5793, ack 10, win 114, options [nop,nop,TS val 132330039 ecr 3727660834], length 2896
13:34:05.338551 IP 10.10.24.50.80 > 10.10.19.78.45215: Flags [.], seq 5793:7241, ack 10, win 114, options [nop,nop,TS val 132330039 ecr 3727660834], length 1448
13:34:05.338555 IP 10.10.24.50.80 > 10.10.19.78.45215: Fl*ags [P.], seq 7241:8026, ack 10, win 114, options [nop,nop,TS val 132330039 ecr 3727660834], length 785
How can I fix the issue?