Forum Discussion
LTM + ASM on separate boxes
I am trying to deploy LTM and ASM on separate 1600 boxes. Followed the guidelines of F5's deployment guide ("Deploying the BIG-IP Local Traffic Manager with Multiple BIG-IP Application Security Managers"). I configured one exterior VS and one interior VS on LTM. Also configured a VS on ASM box. On the LTM side SNAT automap is in use and I am getting original client IPs through XFF.
I have couple of issues with this configuration. Firstly, I can see the original client IPs on ASM request logs but when the traffic goes back to LTM interior VS and then to the IIS servers, client IPs are disappearing and I can see only the SNAT IP as requester.
Secondly, I am using cookie persistence but all the requests are going to the one pool member on LTM.
Is there any suggestions about this topology? Any idea or recommendations about this scenario will be appreciated.
Thanks,
Fatih
- nitass
Employee
when the traffic goes back to LTM interior VS and then to the IIS servers, client IPs are disappearing and I can see only the SNAT IP as requester.where did you see client ip? was it x-forwarded-for header?
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com