SNAT using specific IP based on the client IP range
I'm needing to use an iRule to determine if a client connection comes from IP 10.1.0.0/25 then SNAT using a specific IP instead of the default AutoMap SNAT IP. I found the iRule below and have tried several variations of it, to no avail. I'm running 11.6.0 HF6 on a test LTM. I can't even save the iRule below without getting errors, even though the iRule below, as I mentioned, is just a starting point. Also, I'm not good at iRules so I'm not trying to get complicated.
This is the iRule I used as my starting point:
when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] equals 10.0.0.1] { snat 172.18.1.1 } elseif { [IP::addr [IP::client_addr] equals 10.0.0.2] } }{ snat 172.18.1.2 } elseif { [IP::addr [IP::client_addr] equals 10.0.0.3] } }{ snat 172.18.1.3 } }
This is essentially what I would like to accomplish: when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] equals 10.1.0.0/25] { snat 10.1.5.5 } }
I'm assuming, in my example above, that if my client IP does NOT equal 10.1.0.0/25 then it would NOT SNAT using 10.1.5.5 and instead would default to the configured AutoMap IP. This is basically what I'm trying to accomplish.
To put it another way, if my client comes from within my organization, I want to SNAT using IP A, if my client comes from outside my organization, I want to snat using IP B.