using irule to SNAT SMTP connections

Question

Hi all,&nbsp;
&nbsp;Refer to attachment for what i am trying to setup&nbsp;
&nbsp;I need to SNAT outbound SMTP communication from both mail server A as well as mail server B to the same IP as the Virtual IP address that's currently configured, my problem is i only want to SNAT SMTP communication and nothing else (server A and B need to talk to DC/DNS etc un-NATted).&nbsp;
&nbsp;I understand that the only way to selectively SNAT is to use irule, and from my understanding i have to associate an irule to a virtual server, is what i am trying to setup something doable on F5 V9?&nbsp;
&nbsp;Thanks&nbsp;&nbsp;
&nbsp;kiw

ian_smith · Answer

make a wildcard forwarding virtual server for outbound connections &nbsp;&nbsp;
&nbsp;virtual wildcard_fwd_vs {
&nbsp;   destination any:any
&nbsp;   mask none
&nbsp;   ip protocol tcp
&nbsp;}&nbsp;
&nbsp;and assign an iRule:&nbsp;
&nbsp;when CLIENT_ACCEPTED {
&nbsp;    switch [ IP::client_addr ] {
&nbsp;        10.0.0.1 { snat 10.0.200.1 }    &lt;&lt;&lt; this is mail server A being snat'd to the mx record address
&nbsp;        10.0.0.2 { snat 10.0.200.1 }    &lt;&lt;&lt; and mail server B to the same address
&nbsp;        default { snat none }               &lt;&lt;&lt; nothing else gets changed
&nbsp;        }
&nbsp;}

Forum Discussion

using irule to SNAT SMTP connections

1 Reply

Recent Discussions

F5 Rseries HA

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Related Content

Routing problem for connect() in iRule

Current connections vs CLI show sys connections

Using iRule to prompt for Client SSL Cert

Using irule which inspects perticular URI

AD Authentication using multiple user attributes