So a client on the 10.206.0.0/22 or 10.206.173.0/24 subnet establishes a connection to an LTM VS on the 10.206.0.0/22 subnet. The pool members are not on a local LTM subnet. They're on a subnet which is routed through the firewall. Connections to the FTP server pool are SNATed using a 10.206.0.0/22 source IP. However, the outbound connection to the non-local FTP servers goes out the 10.206.173.0/24 subnet's VLAN and come back in over the 10.206.0.0/22 subnet's VLAN from the firewall.
Is that an accurate summary of the issue? What are the actual symptoms of the issue? Do the FTP connections work, but you get alerts on the firewall? Or is there a layer 3 issue with the IP addresses?
Could you change the SNAT IP to one on the 10.206.173.0/24 subnet?
You cannot configure routing specific to a load balancing virtual server. So there hopefully will be another solution to the issue.
Aaron
Nimbostratus
