iRule that source SNATs based on destination

Question

We have a server pool in an Internet DMZ that requires the source IP addresses of the servers to be translated into the VS IP address when it's communicating with the Internet.  The servers also need to communicate with internal resources using their real IP addresses.  I'm new to iRules  so I'm wondering if the following is close to correct and/or is there a better way to accomplish it?&nbsp;
when CLIENT_ACCEPTED {
  if { [IP::addr [IP::client_addr] equals 10.0.0.0/8] or [IP::addr [IP::client_addr] equals 192.168.0.0/16] } {
    snat none }
  elseif {
    snat 1.1.1.1
  }
}&nbsp;

nitass · Answer

it is wildcard (0.0.0.0:0/0) virtual server,isn't it? i understand you have to also check destination ip in irule for not using snat.&nbsp;
IP::server_addr&nbsp;
https://devcentral.f5.com/wiki/iRules.IP__server_addr.ashx&nbsp;

Forum Discussion

iRule that source SNATs based on destination

1 Reply

Recent Discussions

Port Group on F5OS network setting

Advise on setting up IRULE

F5 iRule to replace host to path

google-visualization-issues

google autenticator broken barcode

Related Content

Block destination IP by source IP

F5 AFM Source / Destination NAT

How to ensure source address and source port are accepted and traversed properly via F5 SNAT automap

Different policies same destination and pool

show "rule" source/destination port