Forum Discussion

Nimbostratus

May 17, 2022

APM - How to configure logging of snat addresses for network access and app tunnels

Hello everyone, we are using BIG-IP Access Policy Manager to enable administrative access to systems via App Tunnel and Network Access resources. For security reasons, we need to be able to map req...

BIG-IP Access Policy Manager (APM)

MVP

Sep 28, 2023

If you turn up logging of the access profile you will be able to log the user and which lease ip it gets assigned and the actions performed. I have only used debug, but it migth be possible to go lower than that. All the lines are prefixed with the session id, so you should be able to correlate on that to identify a user.

You can also look here: https://community.f5.com/t5/technical-forum/userid-to-leasepool-ip-mapping/td-p/60728

for inspiration regarding the actual logging with an iRule.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

APM - How to configure logging of snat addresses for network access and app tunnels

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Terraform AS3 code for GTM Only.

BIG-IP device fails to install node-inspector

WAF Block Request

AST Configuration Assistance

F5 HA deployment in Azure using Azure Load Balancer

Related Content

SNAT IP address logging

How I did it - "Configuring remote logging for F5 Distributed Cloud Services"

F5 Distributed Cloud Telemetry (Logs) - Loki

Block IP Addresses With Data Group And Log Requests On ASM Event Log

wccp configuration for SSL Orchestrator

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS