Stuart_Page_131
Apr 14, 2015

Logging frontended LDAP with SNAT

Our organization frontends LDAP/LDAPS using F5 virtual servers with our DCs as nodes. We have implemented SNAT to resolve asymmetric routing to our DCs. We use an iRule to forward connection details for these VSs using HSL to a SIEM/syslog appliance. The current iRule solves a classic problem created by the SNAT--that of logging source IP addresses, which would be otherwise lost if we weren't logging from F5. Enough background--here's my question:

Has anyone been able to grab other details about the LDAP authentication session such as the user account? Is there a native way to extract this data through an iRule, or some other means such as reading the packet information?

Thanks.
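
Added example, not part of the original post: the account used to authenticate is carried in the `name` field of the LDAP BindRequest (RFC 4511), so "reading the packet information" means BER-decoding that message. This Python sketch shows the layout a logging rule would have to walk; the function names and sample bytes are this example's own, and it assumes the payload is cleartext LDAP (for LDAPS, the stream after TLS has been terminated).

```python
# Added example: BER-decode an LDAP BindRequest for logging. Names are hypothetical.
def read_tlv(buf, pos):
    """Decode one BER element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:                       # short-form length
        length = first
    else:                                  # long form: low 7 bits count the length octets
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[pos:pos + length], pos + length

def parse_bind_request(payload):
    """Return bind details as a dict, or None if payload is not a BindRequest."""
    tag, msg, _ = read_tlv(payload, 0)     # LDAPMessage ::= SEQUENCE
    if tag != 0x30:
        return None
    id_tag, msg_id, pos = read_tlv(msg, 0) # messageID INTEGER
    op_tag, op, _ = read_tlv(msg, pos)     # protocolOp; 0x60 = [APPLICATION 0] BindRequest
    if id_tag != 0x02 or op_tag != 0x60:
        return None
    _, version, pos = read_tlv(op, 0)      # version INTEGER
    dn_tag, name, pos = read_tlv(op, pos)  # name LDAPDN (OCTET STRING)
    auth_tag, auth, _ = read_tlv(op, pos)  # authentication CHOICE
    if dn_tag != 0x04:
        return None
    method = "simple" if auth_tag == 0x80 else "unknown"  # simple [0] holds the password: ignored
    if auth_tag == 0xA3:                   # sasl [3]: first element names the mechanism
        method = "sasl:" + read_tlv(auth, 0)[1].decode("ascii", "replace")
    return {"message_id": int.from_bytes(msg_id, "big"),
            "version": int.from_bytes(version, "big"),
            "bind_dn": name.decode("utf-8", "replace"), "auth": method}

def make_tlv(tag, value):                  # encoder used only to build the constructed samples
    head = bytes([len(value)]) if len(value) < 0x80 else bytes([0x81, len(value)])
    return bytes([tag]) + head + value

# Constructed samples: a simple bind, and a SASL bind whose name field is empty.
SIMPLE = make_tlv(0x30, b"\x02\x01\x01" + make_tlv(0x60, b"\x02\x01\x03"
                  + make_tlv(0x04, b"cn=svc,dc=example,dc=com") + make_tlv(0x80, b"dummy")))
SASL = make_tlv(0x30, b"\x02\x01\x02" + make_tlv(0x60, b"\x02\x01\x03" + make_tlv(0x04, b"")
                + make_tlv(0xA3, make_tlv(0x04, b"GSSAPI") + make_tlv(0x04, b"\x00\x01"))))
```

With SASL binds the `name` field is commonly empty, as in the second sample, so the bind DN alone does not identify the account in that case.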