Joe_41441
May 07, 2010Nimbostratus
Creating Intelligent SNAT
Hello Group,
I have a question about setting up Intelligent SNAT. My intention is to use an iRule to dictate which public IP is used for a particular server's access to a whitelisted resource. It reads as a very simple procedure from this guide: https://support.f5.com/kb/en-us/pro...wp1192236
What I've done: 1. I have removed the node in question from a standard SNAT.
2. I have written an iRule with the snat command: when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] equals a.b.c.d] } { snat w.x.y.z } }
3. F5 documentation says "From the Resources screen for the appropriate virtual server, assign the iRule as a resource to the virtual server".
Simple enough I know how to do that on inbound virtual servers. How do I setup a virtual server for outbound traffic? I assume this is different from a Virtual Server for inbound traffic. I have tried creating a virtual server with the IP address of the internal server (a.b.c.d), and applying the iRule from step 2 on it. I can see in the statistics for my iRule that Total Executions increment, but server a.b.c.d does not have internet access.