Forum Discussion

renato_76505's avatar
renato_76505
Icon for Nimbostratus rankNimbostratus
Sep 01, 2009

complex snat configuration help needed

Hi all,

 

I've made a drawing of what I intend to do (in attach). My issue description allways refers to that image. I am using a Linkk controller with version 10.0.1

 

Basically, on the lower third of the image I represent the Clients IPs, on the middle, the f5 the the intended NATs and on the upper third the ISPs.

 

What I need to do is perform three kinds of source NATs depending on the source IP of the client:

 

1. Dynamic source NAT

 

2. Static SNAT -> 1 to 1 relationship

 

3. Dynamic source NAT with strict port preservation

 

Thanks,

 

Renato Barros
config
design

2 Replies

Sort By
  • hooleylist's avatar
    hooleylist
    Icon for Cirrostratus rankCirrostratus
    Sep 01, 2009
    Hi Renato,

     

     

    You should be able to create a list of client IP addresses/subnets in a datagroup with the corresponding SNAT IP address to use. You can check the client IP address against the class in the CLIENT_ACCEPTED event.

     

     

    If you can use a separate datagroup for each SNAT address, you could use matchclass (
  • renato_76505's avatar
    renato_76505
    Icon for Nimbostratus rankNimbostratus
    Sep 02, 2009
    Hi,

     

     

    Thank you for your reply.

     

     

    Are you suggesting to create a Vserver IP forwarding , with an i rule that applies different SNATs according to the IP of the client?

     

     

    The problem with this is that, I need to apply different NAT's not only based on the client IP but also on the next hop (which is calculated by the link controller)...

     

    For example (take a look at the picture), the client 10.12.112.1 gets a different kind of NAT (dynamic NAT or basic NAT) depending on which next hop is chosen (192.168.24.206 or 192.168.34.206)...

     

     

    Thank you,