I'm not sure if my terminology is correct when using hairpinning but i was wondering if there is any special config needed when you try to access a content rule VIP from a server that's configured as a member of a source group on the same CSS?
So say i have a content rule with a VIP 220.127.116.11 and i also have two servers 192.168.1.1 and 192.168.1.2 that are part of a source group with VIP of 18.104.22.168. My problem at the moment is if from the servers 192.168.1.x i try to ping the other VIP 22.214.171.124 that's configured on the same CSS then it doesn't work and ping fails. The same happens with HTTP traffic to the 126.96.36.199 VIP.
I would have thought that the NAT of the source group would happen before the routing so the 192.168.1.x IP's would be natted to 188.8.131.52 and then passed over for routing where the CSS would see that the VIP 184.108.40.206 is local and it would send it on it's way.
I thought it might be ACL related but i increased the verbosity of acl logging and couldn't see anything in the logs.
The source group works fine on it's own and from the CSS itself i can ping the 220.127.116.11 VIP fine. It just seems that from the source group members i can't ping the VIP.