F5 APM Client IP and X-Forwarded-For

You are not right but I fixed made it! Just disable restrict to single client IP check. Then you have to apply following iRule on all access-profile enabled VS.

when HTTP_REQUEST {

   if { [HTTP::cookie exists "MRHSession"]} {

       set apmip [ACCESS::session data get session.user.clientip]

       set realip [HTTP::header X-Forwarded-For]

       if { ($apmip != $realip) && ($apmip != "") } {

           set sessionID [ACCESS::session sid]

           ACCESS::session remove -sid $sessionID

           HTTP::redirect "/my.logout.php3?errorcode=20"

       }

   }

}

when ACCESS_SESSION_STARTED {

   if {[HTTP::header exists X-Forwarded-For]}{

       set userip [HTTP::header X-Forwarded-For]

       ACCESS::session data set session.user.clientip $userip

   }

}