How to Preserve Source IP in non HTTP/HTTPS TCP Virtual Server

Question

Our Customer has the demand that they want the Source IP address of Client who want to access one of their Application which is non HTTP/HTTPs , mean while i have follow different threads of Devcentral and prepare the below irule.

But still i am unable to preserve Client IP as Customer server didn't receive Source IP in the request from F5.

when CLIENT_ACCEPTED {

set opt28 [TCP::option get 28]

if { [string length $opt28] == 5 } {

binary scan $opt c ver

if { $ver != 1 } {

log local0. "Unsupported Akamai version: $ver"

} else {

set optaddr [IP::addr parse $opt28 1]

}

when SERVER_CONNECTED {

scan [IP::client_addr] {%d.%d.%d.%d} a b c d

TCP::option set 29 [binary format cccc $a $b $c $d] all

}

yoann_le_corvi1 · Answer

Hi&nbsp;Haven't tried in live on a lab, and not yet 100% sure it's possible. But give it a try with snat command &nbsp;https://clouddocs.f5.com/api/irules/snat.html&nbsp;Instead of manipulating the tcp payload directly.&nbsp;Yoann

Forum Discussion

How to Preserve Source IP in non HTTP/HTTPS TCP Virtual Server

1 Reply

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

Could not communicate with the system. Try to reload page.

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

Related Content

F5 HTTPS Redirect 2025

Handling HTTP Requests on an HTTPS Virtual Server

HTTP POST redirect preserving POST data

The State Of HTTP/2 With F5 LTM

Application Study Tool: Make Grafana Listen on HTTPS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS