I'm not sure if my terminology is correct when using hairpinning but i was wondering if there is any special config needed when you try to access a content rule VIP from a server that's configured as a member of a source group on the same CSS?
So say i have a content rule with a VIP 22.214.171.124 and i also have two servers 192.168.1.1 and 192.168.1.2 that are part of a source group with VIP of 126.96.36.199. My problem at the moment is if from the servers 192.168.1.x i try to ping the other VIP 188.8.131.52 that's configured on the same CSS then it doesn't work and ping fails. The same happens with HTTP traffic to the 184.108.40.206 VIP.
I would have thought that the NAT of the source group would happen before the routing so the 192.168.1.x IP's would be natted to 220.127.116.11 and then passed over for routing where the CSS would see that the VIP 18.104.22.168 is local and it would send it on it's way.
I thought it might be ACL related but i increased the verbosity of acl logging and couldn't see anything in the logs.
The source group works fine on it's own and from the CSS itself i can ping the 22.214.171.124 VIP fine. It just seems that from the source group members i can't ping the VIP.