Forum Discussion

paulpatriot_129's avatar
paulpatriot_129
Icon for Nimbostratus rankNimbostratus
Jun 19, 2018

How to get client ip to show when load balancing AD ldaps servers as we are only seeing source NAT.

We are load balancing AD servers for LDAPS and are wondering if there is anyway to see the real client IP instead of the F5 source NAT.  
application delivery
LTM
AceDawg_204810's avatar
AceDawg_204810
Icon for Cirrus rankCirrus
Jun 19, 2018

To obtain the source IP address of the client rather than the self-ip/SNAT address of the F5, you must do the following:

 

  1. Configure the SNAT setting on the virtual server to none
  2. Configure the AD servers to use the self-ip address of the F5 as default gateway*

*The F5 will have to have layer 2 adjacency to the AD server(s). In other words, at least one F5 interface will need to have VLAN configuration on the same VLAN(s) as the AD server(s)

 

paulpatriot_129's avatar
paulpatriot_129
Icon for Nimbostratus rankNimbostratus
Jun 19, 2018

Unfortunately, I was hoping for a better solution as I didn't want to have to make a bunch of configuration changes to make this work. Thanks