You created a forwarder virtual server for your servers behind the bigip appliance to access the internet, your server could not get a respond back. You troubleshoot the problem and found that:
- Default route is configured in the bigip.
- You cannot ping the next hop gateway specified in the default route.
- You could not determine if this is the cause of routing because the next hop router is not in your governance.
To troubleshoot the problem you can try using SNAT automap. SNAT automap will translate the address in this sequence:
- floating self ip of the egress vlan.
- floating self ip of a different vlan.
- non-floating self ip of an egress vlan.
- non-floating selfip of a different vlan.
After you have turned on the SNAT automap your server is able to get external updates
Now you can conclude that it is highly possible that the next hop router does not have a route back to your server.
what this means is that your server’s traffic is being translated into the floating self ip address of vlan internet, and the firewall thought that the incoming request is from a directly connected route.
cyruslab 