Last Modified: Apr 28, 2025
Affected Product(s):
BIG-IP LTM
Known Affected Versions:
11.4.1, 11.5.0, 11.5.1, 11.5.1 HF1, 11.5.1 HF2, 11.5.1 HF3, 11.5.1 HF4, 11.5.1 HF5, 11.5.1 HF6, 11.5.1 HF7, 11.5.1 HF8, 11.5.1 HF9, 11.5.1 HF10, 11.5.1 HF11, 11.5.2, 11.5.2 HF1, 11.5.3, 11.5.3 HF1, 11.5.3 HF2, 11.5.4, 11.5.4 HF1, 11.5.4 HF2, 11.5.4 HF3, 11.5.4 HF4, 11.5.5, 11.5.6, 11.5.7, 11.5.8, 11.5.9, 11.5.10, 11.6.0, 11.6.0 HF1, 11.6.0 HF2, 11.6.0 HF3, 11.6.0 HF4, 11.6.0 HF5, 11.6.0 HF6, 11.6.0 HF7, 11.6.0 HF8, 11.6.1, 11.6.1 HF1, 11.6.1 HF2, 11.6.2, 11.6.2 HF1, 11.6.3, 11.6.3.1, 11.6.3.2, 11.6.3.3, 11.6.3.4, 11.6.4, 11.6.5, 11.6.5.1, 11.6.5.2, 11.6.5.3
Fixed In:
12.0.0
Opened: Jul 11, 2014 Severity: 3-Major Related Article:
K15805
SNAT translation happens though SNAT list is configured with 'vlans enabled' on 'vlans none'. For example, having the configuration as follows, tmsh list ltm snat ltm snat default_snat { origins { 0.0.0.0/0 { } } translation /Common/10.10.10.20 vlans-enabled } This is not expected to translate, since vlans are not specified.
Translation is not getting disabled.
Having the snat list as follows, with vlans enabled flag and no vlans specified. tmsh list ltm snat all-properties ltm snat default_snat { app-service none auto-lasthop default description none metadata none mirror disabled origins { 0.0.0.0/0 { app-service none } } partition Common source-port preserve translation /Common/10.10.10.20 vlans none vlans-enabled }
Work around is to have "vlans disabled" with the list of all vlans to be disabled.
SNAT list enabling on empty VLAN list no longer translates. This is correct behavior.