Forum Discussion

Nimbostratus

Mar 20, 2019

Preserve client IP and client certificate with SharePoint

Using x-forwarded-for preserves the client IP but interferes with Common Access Card (CAC) authentication when using AUTOmap with a Standard vs. We have switched to nPath routing for generic applica...

Cumulonimbus

Mar 26, 2019

Hi,

the only way to provide the actual IP of the client is to switch to npath or put the F5 as GW for sharepoint servers.

If you set F5 as GW of your sharepoint server it can work but it's like inline...

For preserving CAC you have multiple choice:

you can swith your ssl termination on Sharepoint
SSL proxy.
Authenticate user on F5 side then uses Client Certificate Constrained Delegation (C3D) to support complete end-to-end encryption when interception of SSL traffic in a reverse proxy environment is required and when client certificates are used for mutual authentication.

Hope it will help you.

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Preserve client IP and client certificate with SharePoint

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Automating ACMEv2 Certificate Management on BIG-IP

Re: Management Certificate

APM Sharepoint authentication

Automate Let's Encrypt Certificates on BIG-IP

Automating NGINX Certificate Rotation on AWS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS