Two SNAT iRULE with same Origin IP addresses
I have two SNATs (SNAT1 and SNAT2), both in the same VLAN, working just fine. Now I also want SNAT1 to translate port 80 traffic to SNAT2 (this is a SNAT pool) virtual servers based on URL (e.g. abc.com) or its internal DNS-resolved IP address, or else translate everything to the SNAT2 virtual server. That is, if port 80, translate to SNAT2; if port 443, continue to translate to SNAT1 as the default SNAT.
Scenario:
SNAT1 origin IP addresses: 10.10.20.23, 10.10.20.24, 10.10.20.25
SNAT translated to a virtual server 10.20.20.9
SNAT2 (SNAT pool) origin IP addresses: 10.10.20.33, 10.10.20.34, 10.10.20.35, 10.10.20.36, 10.10.20.37, 10.10.20.38
Translated to a virtual server 10.30.30.9
Below is the closest I can get combing DevCentral.
when CLIENT_ACCEPTED {
    switch [TCP::local_port] {
        "80" {
            # Port 80: use SNAT2 only when both the destination and the client match the data groups
            if {[matchclass [IP::local_addr] equals $::the_destination_ip] and [matchclass [IP::client_addr] equals $::the_source_ip]} {
                log local0. "[IP::client_addr]: using SNAT2 for [IP::local_addr]"
                snat 10.30.30.9
            } else {
                log local0. "[IP::client_addr]: using SNAT1 for [IP::local_addr]"
                snat 10.20.20.9
            }
        }
    }
}
Thanks in advance
Elias_O