A10 configuration template

Basic Configuration

clock timezone Asia/Taipei nodst
!
slb template tcp Default
   idle-timeout 300
   reset-fwd
   reset-rev
!
enable-management service telnet management
!
web-service timeout-policy idle 60
!
terminal idle-timeout 60

Wildcard outgoing NAT

Gateway IP: 10.2.2.254/24
Source IP: 10.1.1.0/24
NAT IP: 10.2.2.100
Source vlan: 10

interface ve 10
 ip allow-promiscuous-vip
!
ip nat pool SNAT_IP 10.2.2.100 10.2.2.100 netmask /24
!
slb server GW_IP 10.2.2.254
   port 0  tcp
       no health-check
   port 0  udp
       no health-check
!
slb service-group GW_TCP tcp
    member GW_IP:0
!
slb service-group GW_UDP udp
    member GW_IP:0
!
slb virtual-server _wildcard_vserver 0.0.0.0
   port 0  tcp
      source-nat pool SNAT_IP
      service-group GW_TCP
      no-dest-nat
   port 0  udp
      source-nat pool SNAT_IP
      service-group GW_UDP
      no-dest-nat
   port 0  others
      source-nat pool SNAT_IP
      service-group GW_TCP
      no-dest-nat
   port 21  ftp
      source-nat pool SNAT_IP
      service-group GW_TCP
      no-dest-nat

L3 mode NAT

Gateway IP: 10.2.2.254/24
Source IP: 10.1.1.0/24
NAT IP: 10.2.2.100
Source vlan: 10
Gateway vlan: 20

interface ve 20
 ip nat outside
interface ve 10
 ip nat inside
!
access-list 101 permit ip 10.1.1.0 0.0.0.255 any
!
ip nat pool SNAT_IP 10.2.2.100 10.2.2.100 netmask /24
!
ip nat inside source list 101 pool SNAT_IP