Keep Source IP & BIgIP as Default gateway

Question

Hello,  
&nbsp;  
&nbsp; I'd like to keep the source IP of my client behind the BigIP. F5 told me that I should define the BigIP as the default gateway for our servers. But which IP should be the default gateway ? And what do I have to change on the BigIP ? I've readen that I  have to create a new VS ? I have only 2 vlans on my bigip: one for sync the other for all the applications. For the applications, the IPS are in 2 subnets. 
&nbsp; Please some can tell me what I should to configure on the BigIP to have this working well ? 
&nbsp; Thanks for your help

james_quinby_46 · Answer

A typical method is to use the LTM's self IP as the gateway address. If you have an HA pair, use the float IP so that it's always available to your back-end servers. 
&nbsp;  
&nbsp;  If your network topology requires the use of a SNAT, you can preserve (for HTTP apps, in any case) client source IP via the "X-Forwarded-For" header. 
&nbsp;  
&nbsp; Using the BigIP as a gateway ('routed' mode) is how most folks tend to deploy in production. For testing and evaluation purposes, a SNAT'ed deployment ('one-armed' mode) is used because it's the least intrusive to the environment. Using routed mode will require you to change the default GW of any hosts that reside 'behind' the BigIP.

Forum Discussion

Keep Source IP & BIgIP as Default gateway

Recent Discussions

F5 ASM CEF Sending Logs in Specific TimeZone

F5 looses the token for the first call

feature request: container egress service

did not show checkbox on chrome while access through f5

How do I create a traffic log for two different route domains?

Related Content

LTM: Per-VLAN Default Gateways

API Gateway Mapping - Gartner - F5

SSL-VPN - Route all traffic NOT via the default gateway but via the CUSTOM gateway

AWS Transit Gateway Connect: GRE + BGP = ?

Integrating SSL Orchestrator with McAfee Web Gateway-Transparent Proxy

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS