Forum Discussion

Maxim_Taskov_90
Jan 20, 2007

FTP Through BIG-IP from Client Behind BIG-IP

Hi, I need to be able to pass FTP, both Active and Passive, through BIG-IP when initiated from a client that is behind BIG-IP and is NATed... do you think iRules plus a Forwarding IP VS can help?

I am running BIG-IP OS v.9.2.3 on LTM 6800.

The situation is as follows:

1. Client behind BIG-IP initiates FTP (client real IP is 1.1.1.1)

2. Client connects to FTP server located on the BIG-IP external network (client connects with NAT source IP of 1.1.2.1)

3. Client successfully completes logon to FTP server.

4. Client attempts PORT command and fails with message "invalid port command" as the port command contains the client real IP.

I looked through all available BIG-IP manuals, solutions, ASK5, and iRule threads with no luck.

The one thing I found in the iRule threads that looks promising is the relate_{client|server} function.

Do you think this can be the solution to my problem?

Thanks, Maxim

3 Replies

  • Did you resolve your problem? I have a very similar issue. I am running 9.3.1 on a Link Controller.

    Thanks,
    Keith

  • Yes, it can be a solution using the TCP:: commands to manipulate the client IP address.

    CB

  • I think with the FTP profile, you shouldn't need a rule. Just create a VIP with an FTP profile and pool, and apply a SNAT. The FTP control data should be updated automatically to the SNAT address.

    SOL8021: Configuring the BIG-IP LTM to allow outbound FTP sessions
    https://support.f5.com/kb/en-us/solutions/public/8000/000/sol8021.html?sr=550508

    Aaron
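
Added example, not part of any reply above and not F5 code: a Python sketch of the control-channel rewrite that the last reply attributes to the FTP profile with SNAT, using the addresses from the question (1.1.1.1 real, 1.1.2.1 NAT). The data port 50000, the function names and the server-side address check are assumptions made for illustration.

```python
import ipaddress
import re

# PORT argument (RFC 959): h1,h2,h3,h4,p1,p2 as six decimal bytes.
PORT_RE = re.compile(rb"^PORT (\d{1,3}(?:,\d{1,3}){5})\r\n$", re.IGNORECASE)

# Constructed sample: client 1.1.1.1 announces data port 50000 (195*256 + 80).
SAMPLE = b"PORT 1,1,1,1,195,80\r\n"

def parse_port(line):
    """Return (IPv4Address, port) for a PORT command, or None for any other line."""
    m = PORT_RE.match(line)
    if not m:
        return None
    nums = [int(n) for n in m.group(1).split(b",")]
    if any(n > 255 for n in nums):
        raise ValueError("PORT field out of range")
    return ipaddress.IPv4Address(bytes(nums[:4])), nums[4] * 256 + nums[5]

def build_port(addr, port):
    """Serialize an address and port back into a PORT command line."""
    fields = [str(b) for b in addr.packed] + [str(port >> 8), str(port & 0xFF)]
    return ("PORT " + ",".join(fields) + "\r\n").encode("ascii")

def server_accepts(line, peer_ip):
    """Assumed server policy: the PORT address must match the control
    connection's source address as the server sees it (the NAT address)."""
    parsed = parse_port(line)
    return parsed is not None and parsed[0] == ipaddress.IPv4Address(peer_ip)

def rewrite_port(line, real_ip, nat_ip):
    """Replace the client's real address in a PORT command with the NAT address.
    Other control lines pass through unchanged. Mapping the inbound data
    connection back to the client is not modelled here."""
    parsed = parse_port(line)
    if parsed is None or parsed[0] != ipaddress.IPv4Address(real_ip):
        return line
    return build_port(ipaddress.IPv4Address(nat_ip), parsed[1])

if __name__ == "__main__":
    print(server_accepts(SAMPLE, "1.1.2.1"))  # unmodified PORT as the server sees it
    fixed = rewrite_port(SAMPLE, "1.1.1.1", "1.1.2.1")
    print(fixed, server_accepts(fixed, "1.1.2.1"))
```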