Forum Discussion

F5-FW-Struggler's avatar
F5-FW-Struggler
Icon for Nimbostratus rankNimbostratus
May 12, 2014

How to Scipt SNAT Automap for 100's of Virtual Servers

We are changing our topology for F5 and routing. VIPs we have today facing the internet are load balancing to DMZ and inside vlans. With our topology change, we need to turn on SNATTing (automap) for these VIPs. Of course using GUI to do this is not feasible, it would take days to complete.

 

Can someone help me with a base template, that i can simply copy and paste into a notepad and change out the VS names? The idea would be to simply paste it in.

 

Thanks in advance!!

 

4 Replies

  • I would use a bash script to modify all the vips you want to enable automap for. Just set the "VIPS" variable with a spaced list of the virtual names

     

    Would look something like this:

     

    !/bin/bash

    VIPS="vs_app1 vs_app2 vs_app3"

     

    for VIP in $VIPS ; do

     

    tmsh modify ltm virtual $VIP source-address-translation { type automap }

     

    done exit 0

     

    • F5-FW-Struggler's avatar
      F5-FW-Struggler
      Icon for Nimbostratus rankNimbostratus
      Thanks Nathan, that is extremely useful info.. I am sure i would like to go this route... however, just one more question: Is what i am typing (in "quotations" the correct syntax?) Type "!/bin/bash" at the bigpipe mode once I ssh into the F5 Type "VIPS="vs_app1 vs_app2 vs_app3 ...... vs_app150"" Type "for VIP in $VIPS ; do tmsh modify ltm virtual $VIP source-address-translation { type automap }" Type "exit" Would that work?
    • Sec-Enabled_658's avatar
      Sec-Enabled_658
      Icon for Cirrostratus rankCirrostratus
      All the text I added earlier would be added to a text file (script) file, ex: snatscript.sh then you would chmod +x the file to make it executable, then run it like: ./snatscript.sh