F5-BIGIP : Configuring NAT | DNAT | NAT 1:1

We can distinguish two main types of NAT (?):

  1. Source NAT whereby the source IP address of an incoming IP packet is replaced (translated) into a different IP address as it exits the device.
  2. Destination NAT does a 1:1 mapping between two destination IP addresses; this is also named as Static NAT or 1:1 NATOn the F5 BIGIP appliance this type of NAT is configured as a NAT object. If you think about it, at a high level, DNAT is what a virtual server does – but without the load-balancing mechanism.

Both SNAT and NAT configuration objects are found in the GUI under Local Traffic :: Address Translation section. For more detailed information, refer to https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/tmos-routing-administration-11-6-0/7.html.

In this blog I will show you how to configure Destination NAT on the F5 BIGIP appliance.


IMPORTANT:

  1. We do not have the option of configuring outbound or inbound NAT. Once configured, NAT will automatically be enabled on both directions.
  2. NAT is enabled on all IP traffic, regardless the service port. Therefore, it shouldn’t be configured over the Internet!

In the example below, I am translating the destination IP address of 172.16.10.11, to the backend server’s IP address 10.0.0.11:

Let’s see how to configure it; please refer to the topology above.


 

Thank you,

Rafael A. Couto Cabral • LinkedIn Profile
Cisco​ | F5 | VMware Certified • PRINCE2 Practitioner

Originally posted 2017-12-06 18:08:43.

Related Post

Comments are closed.