Forum Discussion

Nimbostratus

May 17, 2022

APM - How to configure logging of snat addresses for network access and app tunnels

Hello everyone, we are using BIG-IP Access Policy Manager to enable administrative access to systems via App Tunnel and Network Access resources. For security reasons, we need to be able to map req...

BIG-IP Access Policy Manager (APM)

MVP

Sep 28, 2023

If you turn up logging of the access profile you will be able to log the user and which lease ip it gets assigned and the actions performed. I have only used debug, but it migth be possible to go lower than that. All the lines are prefixed with the session id, so you should be able to correlate on that to identify a user.

You can also look here: https://community.f5.com/t5/technical-forum/userid-to-leasepool-ip-mapping/td-p/60728

for inspiration regarding the actual logging with an iRule.

Forum Discussion

APM - How to configure logging of snat addresses for network access and app tunnels

Recent Discussions

Convert Nginx rule to F5 irule

Python code using Parallel-SSH library to connect to F5 BigIP

Change Velos Management IP

I cannot activate the license on BIG-IP-NEXT

HA Sync issue on Active-Active Cluster

Related Content

SNAT IP address logging

How I did it - "Configuring remote logging for F5 Distributed Cloud Services"

configure custom log profile for F5 WAF

Can APM be configured with two proxy addresses

Block IP Addresses With Data Group And Log Requests On ASM Event Log