Forum Discussion

Mauricio_01_142's avatar
Mauricio_01_142
Icon for Nimbostratus rankNimbostratus
Jul 19, 2017

Auto map works, SNAT Pool doesn't

LTM Virtual edition v13. I have added a new VLAN (24) to work with on my LTM VE. It is working fine with VLAN 25 already.

 

Picked up an interface and added to the new VLAN and self IP mask /24 Then I copied a VIP working on another LTM VE on VLAN 24 to this LTM VE, same node, pool but picked up a different address for the VIP. VIP is up and is pingable, SNAT is pingable as well.

 

When i hit the VIP from my browser I got a connection reset message. A capture on the LTM shows like the node (server behind the f5) sends a RST to the SNAT.

 

If i remove the SNAT pool and use Automap the website loads properly. (tried configuring several VIPs and SNAT pools and same result)

 

I don't now the reason of this behavior. SNAT pool is reachable from the server.

 

My goal is to have VIPs running fin on this new vlan 24.

 

Any help you can provide would be very appreciated.

 

Regards!

 

add new vlan
application delivery
automap
LTM
security
snat not working
virtual edition

3 Replies

Sort By
  • Patrik_Jonsson's avatar
    Patrik_Jonsson
    Icon for MVP rankMVP
    Jul 20, 2017

    Hi!

     

    Either you can add an IP on VLAN 24 to the existing SNATPool, or you can create a new SNATPool with IPs in VLAN 24 and assign it to the VIP. Both should work fine.

     

    /Patrik

     

  • Patrik_Jonsson's avatar
    Patrik_Jonsson
    Icon for MVP rankMVP
    Jul 20, 2017

    Forgot to ask. Is VLAN 24 directly connected to the device? If not the up needed in the SNAT pools would be the egress network matching the route for VLAN 24.

     

    /Patrik

     

  • amintej's avatar
    amintej
    Icon for Cirrus rankCirrus
    Jul 21, 2017

    Hello,

     

    Did you check if a white list is applied in the web server ? If the web server send RST, I think it coud be due to security configuration. What servers are you using: Apache, IIS.. ?