Forum Discussion

Nadeem_Siddiqui's avatar
Icon for Nimbostratus rankNimbostratus
May 13, 2022

Firewall did not seeing source public IP. Log show F5 as source IP.


I have a VIP that accesses able from outside. When the user connects to this VIP in the firewall log we see F5 source IP vs we should see public IP for that user. My VIP Source Address Translation is set to "Automap". If I change Source Address Translation to "NONE" I can see the user's public IP.  It looks like that incoming traffic is using my VIP and since my DMZ server gateway is a point to FW the return traffic will use the default VIP that we have for all outbound internet traffic. 

I am wondering that do I have an Asymatic routing issue or not or is there any issue if I use Source Address Translation to "NONE".


Below is my setup:
Internet <-------> F5 <----------> FW <--------------> DMZ server 


2 Replies