Traceroute & NAT Issue
Hi All,
I am facing a strange problem with F5.
1.) the first problem is related with traceroute. I can't get F5 IP address when doing traceroute from next hop network devices to internal server.
this problem only occurs in TMOS 11.3.0 or later. when I change it to 11.0 it works as expected. (please refer to my attachment , serverIP: 10.2.4.1, F5 IP:192.168.9.245)
my question is, is there any bug in this version of OS ? or is it deliberately designed to secure the network ? if yes, then is there a way to change this behavior ?
2.) The second problem is related with NAT. again, in version 11.0.0, if I configure NAT translation (i.e. one to one NAT) and enable it on public facing interface (internet vlan) , F5 will change the incoming external traffic destination IP (NAT-ed IP) to configured origin IP (Destination NAT) and when the server(with the cofigured origin IP) generating traffic to internet through F5, F5 will change the source address of the server to the public NAT address respectively. (Source NAT). in another word, F5 is doing NAT for bidirectional traffic.
But in version 11.3.0 or later, I find F5 only translate address for incoming traffic , but not outgoing traffic. (Destination NAT only)
any idea related to this issue ?
Thanks
Ian