dennypayne
Apr 10, 2007Employee
LINK::vlan_id
Is the LINK::vlan_id statement capable of setting the vlan id as well as reading it?
The reason I ask is this: I have a rule set up to SNAT that is applied only to certain VIPs.
when CLIENT_ACCEPTED {
snat 192.168.10.10
}
I also have 192.168.10.10 set up as a self-IP on one of the LTM VLANs, because if you don't do that, LTM will not respond to arp requests for that SNAT address.
The rule does apply the SNAT, I can see it in tcpdump. However, it sends it out the wrong VLAN. It seems that LTM is just picking the first VLAN tag in the list to send the traffic from.
I'd like the rule to enforce the correct VLAN id so the return traffic works correctly (with the egress coming out of the wrong VLAN the firewall blocks the return).
Any thoughts?
Denny