Forum Discussion

Mark_van_D
Apr 01, 2020

SSL-VPN and Route Domain

I'm probably missing something, but I have the following problem.

I currently have an SSL-VPN set up with SNAT Automap. The BIG-IP is connected to multiple VLANs/Self-IPs:

vlan-internal - vlan id 100
self_internal - 192.168.100.245/24

vlan-external - vlan id 200
self_external - 192.168.200.245/24
default_route - 192.168.200.1 (firewall)

ssl-vpn - ip lease-pool 172.20.20.2-230

/Common/apm-vpn-vs configured with /Common/apm-vpn-profile

The firewall has been configured to route 172.20.20.0/24 traffic to 192.168.200.245.

With SNAT Automap, connectivity works.

I have a requirement to not use SNAT.

When I disable SNAT, I have connectivity to everything except for services on 192.168.100.0/24 (the default route on the servers is not the F5); since that network is directly connected to the F5, it uses that connection to reach those addresses. I'm also able to ping the IP address assigned from the lease-pool from the firewall.

I ended up creating a new partition and route-domain:

part_apm
rd_apm (id 1) - strict isolate, default rd for part_apm
default_route_apm - 192.168.200.1%0

In the access policy I did an assignment of rd_apm and set SNAT to none. This appears to have resolved my connectivity issues, in that all traffic is directed out of the default route. However, I am now unable to ping the IP address assigned from the lease-pool from the firewall.

What do I need to do to allow this? Is there a different way to configure this to achieve the required outcome?
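As an added illustration (not the poster's configuration and not F5 documentation), the following tmsh fragment reconstructs the route-domain pieces described in the post and then lists the commands a BIG-IP admin would use to see where the firewall's ping to a lease-pool address gets lost. Object names and addresses are taken from the post; the client address 172.20.20.50 is a constructed example inside the lease pool, and the exact tmsh syntax for the partition's default route domain and the cross-route-domain gateway is my assumption of how the post's description maps to configuration.

```tmsh
# Added reconstruction of the setup described in the post (not the poster's
# running config). Names and addresses come from the post; 172.20.20.50 is a
# constructed example client address from the 172.20.20.2-230 lease pool.

# Route domain 1 with strict isolation, used as the default for part_apm
create net route-domain /Common/rd_apm id 1 strict enabled
create auth partition part_apm default-route-domain 1

# Default route for rd_apm, gateway is the firewall address in route domain 0
create net route /part_apm/default_route_apm network default gw 192.168.200.1%0

# Checks: which route domain each VLAN belongs to (vlan-external stays in
# route domain 0 here), and whether route domain 0 holds any route toward
# the lease-pool network 172.20.20.0/24. Assumption to verify: if rd 0 has
# no such route and rd_apm is strictly isolated, the echo request that the
# firewall sends to 192.168.200.245 has no path into rd_apm.
list net route-domain
list net route
show net route

# From the BIG-IP bash shell, confirm the echo request arrives on
# vlan-external and check whether any echo reply leaves at all:
#   tcpdump -nni 0.0 icmp and host 172.20.20.50
```

Reading the output together: if the request is visible in the capture but no reply follows, and `list net route` shows no route to 172.20.20.0/24 outside rd_apm, the problem is the route-domain boundary rather than the VPN client or the firewall.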