-
Static NAT
Hello! I would like to request your help, I have a thunder which is performing the nhld function with two ISPs and 3 published sites, internet browsing and published sites work correctly, but there is a nateo that is made from one of the ISPs to a Private IP address (LAN) this nateo is used for SSL VPN connection in a…
-
Snat in NHLD with alternate server
Hi I have this scenario in a client´s infrastructure where they have 2 Internet links in active pasive mode slb server LINK-1 20.20.20.1 alternate LINK-2 port 0 tcp port 0 udp slb server LINK-2 30.30.30.1 port 0 tcp port 0 udp --------------------------------------------------------------------------- slb service-group…
-
How can I use a VS IP as a source NAT in WILDCARD VS
Hi, guys. I've observed instances in various clients where an SLB VS is configured alongside NHLD. When an internal client accesses the Internet, the SNAT is typically a pool or auto-NAT, based on our configuration. However, there are scenarios where exceptions are necessary, and an internal client must use the SLB VS IP…
-
SNAT from Health Monitor
Hello First time posting here and new to A10..... hopefully I'm within guidelines :-) I'm currently trialing the 4.1.4 P10 software in our lab and can't get the real servers to come up. The reason is, the real servers are UAT servers in the prod network but the ADC is in our lab, where the IP's are not routable from prod.…
-
F5 automap feature
Hi, I have one F5 with irule contain "automap snat", this functionality allows changing the IP when the destination is local to one of the F5 in order to prevent asymmetric routing. The automap options tells to BIG-IP to decide what source ip to use to reach the destination network. I rule like this when CLIENT_ACCEPTED {…
-
Problem with ip nat pool configuration not deletable
Hi Everyone We have a problem with our TH1030S cluster(two TH1030S, VRRP-A and VCS). Advanced Core OS (ACOS) version 4.1.4-GR1, build 78 . I can't erase the following ip nat pool configuration. ip nat pool 172.17.12.0 172.17.12.11 172.17.12.30 netmask /24 ``` #no ip nat pool 172.17.12.0 NAT pool is in use. Try again after…
-
Problem Insert Clien IP in HTTP Header
We have configured a HTTP Template for insert client IP in the Http Header, in the SLB VS configuration we have two apache server. The HTTP working properly in the Apache1 but Apache2 recived the HTTP Header with two X-Forwarded-For (IP Client and IP NAT) This is the configuration: A10PRO1-NEW-Active-vMaster[1/1][DMZ]#$…
-
Snat on vip clarification
Will I get the same result if I configure snat-on-vip, not configuring any snat or configuring snat with a snat pool that have the vip ip address only? what is the difference between configuring: 1- slb snat-on-vip 2- NOT configuring any snat 3- slb snat source nat-pool with pool that include a single ip address which is…
-
Conditional SNAT
I'd like to SNAT only one subnet of source IP addresses and have the remaining (0.0.0.0) IP addresses SLB as normal. Using an ACL I can nat to different pools however I have not found a combination or pool that will SNAT one network and SLB the rest of the traffic. Ideas - pointers? clients ---- AX ---- servers All clients…
