Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Outbound SNAT when BIGIP is not default gateway

Hi,

I am trying to work out how I can do outbound NAT for servers which have their default gateway as an SRX. Inbound SNAT to the pool of loadbalanced web servers is working via the f5s. I am doing an external NAT on the ASA to the VS created on the F5s for these pool of servers. The F5 only has a point to point connection with the ASA. The F5s default route is back to the ASA. Therefore it has no idea of the VLAN the web servers are on.

What I would like to do is when I initiate an outbound connection from one of the pool of webservers, I would like it to NAT to the VS SNAT IP. I do not think this is possible as the default gateway of the servers is the ASA and is bypassing the F5 completely.

Can anyone please advise of possible workarounds or steps to this issue.

The map is as follows:

Web Servers-------------->SRX-------------->ASA---------------->Internet

Please note the F5 sits off the ASA which routes to all internal subnets.

0
Rate this Question

Answers to this Question