Forum Discussion
Need to see client IP when using SNAT and load balancing OID.
Due to our current network environment, our LTM requires automap SNAT. I've set up a virtual server to load balance OID servers. However, we cannot see the client's real IP due to the SNAT. The SOL4816 solution seems to only apply to HTTP webserver traffic. Has anyone been able to get this to work with the LDAP protocol?
Thanks.
- Chris_Akker_129
Historic F5 Account
Hi Victor, unfortunately, I don't see an easy way to do this with LDAP. The protocol doesn't support an easy way to add X-Forwarded-For type functionality. The only option that comes to mind is that in LDAP V3, there is a way to use custom extensions, so you could write an iRule to use that feature to insert the client IP. You would also have to write a process to extract that data from the LDAP server when the request was sent to the server. It might actually be easier to work with your networking team to find a way to not use SNAT. You could try posting your question to a larger audience in the Advanced Networking forum and see if someone else has some ideas for you.
- VictorC
Nimbostratus
Thank you Chris
- netgeek_109058
Nimbostratus
Hello Victor, another option is to disable the SNAT (None), with the LTM as your server's default gateway, so it can have visibility of your client IP. In addition, you can use a fastL4 profile. Keep in mind the limitations of the scenario described above. Any questions, gladly.
Best regards
- dfosborne2_2224
Nimbostratus
If your pool members on the backend are Linux, I have a solution which creates a "conditional bigip gateway" fully exposing the client IP address, which is helpful when you're doing some sort of traffic for which you cannot inject headers via an iRule. You can see that here:
https://devcentral.f5.com/codeshare/kill-snat-automap
The doc spells out the requirements... and no, it does not require the bigip to be the default gateway of the given pool member.