Forum Discussion
Micros_88999
Aug 30, 2009Nimbostratus
Hi Aaron,
Scenario is: Inet -> Cisco ASA (NAT) -> BigIP -> DMZ web servers (Physical + VMs) -> Switch -> MPLS Router.
The def. gw for the app servers (those who are pool members) is not the BigIP as we do not want to mess around with routing: we send them towards the Core switch (internal access) and ultimately towards the MPLS router.
All VSs for the DMZ servers have SNAT enabled but for some applications we`d need to have visible source IPs not the floating IP. Currently, if SNAT automap is disabled: the app servers can not be reached from outside.
I might need to check on that scenario up there, but 90% sure now. My understanding was: if I create a SNAT pool with the source IPs: the BigIP will perform SNAT but will keep the `real` IPs for the application visible? Am I totally wrong there?
Cheers:
Andy