Forum Discussion

Altostratus

Apr 11, 2012

Persistent SNAT address based on session cookie

I have a client whose application is sensitive to the client IP address changing within a session. In their environment, there is some selective SNATting (internal clients are SNATted, public IPs ar...

config

design

uni

Altostratus

Apr 11, 2012

Thanks Michael. I don't know if the app respects the x-forwardrd-for header, and we don't have access to change it. We can't usea single address in the snatpool as the app does it's own source ip based load balancing.

I wonder if instead you could comment on the feasibility of my proposed solution and rule? I know an alternative mythos is to insert my own cookie with the snat address, which has the advantage of avoiding using a table, and is independent of the app's cookie, but the principle idea is the same.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Persistent SNAT address based on session cookie

Recent Discussions

BIG-IP SysLog appearing in ossec.log

MAC address of deleted VS IP address still responsive

Different common name ssl acces 403 forbiddent

TMSH Command to list ASM policies not attached to any virtual servers in all partitions

dynamic signature detection

Related Content

ASP Session ID Persistence

CSV to Address External Datagroup File

Sessions and Cookies and Persistence, oh my!

Persisting SNAT Addresses in Link Controller Deployments

Session persistence based on http header for machine to machine calls

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS