Does anyone know why a NAT can't share a public IP address with a VS?

Question

I've read and heard this is is not allowed but, it is possible to save such a config and I haven't seen any problems with the servers that I have done it on.
The reason I have used it is: we need some mail servers to have the same public IP outbound and inbound. &nbsp;
However, our WAN connection is in a separate partition/route domain from our VS'. It seems that a SNAT simply won't work across route domains for some reason so I used a NAT temporarily. &nbsp;

nathe · Answer

I think that is a viable solution to have a NAT address and VIP address the same. Note that inbound traffic will prefer the VIP (see Order of Preference&nbsp;
A NAT is an inbound and outbound listener. A SNAT is an outbound listener and can't receive traffic on the translation address, hence why it's called Secure NAT. &nbsp;
Hope this makes sense. &nbsp;
N&nbsp;

Forum Discussion

Does anyone know why a NAT can't share a public IP address with a VS?

1 Reply

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

Enriching AFM with public domain Threat Intelligence

SSLO in public cloud: Azure inbound L3 use case

one private ip nat with 40 public ip address

Restricting access to a virtual server by Public IP address should access through only domain name.

Re: Public Cloud Simplified with F5 NGINX for Azure