Forum Discussion
Public IP address display
- Jan 28, 2023
Hi AK_1947 ,
It’s a strange thing , because you can’t see the Self/floating ip addresses instead of the public or original source ip of the client.
The only way to see that if you have TWO f5 in one path or behind each other Like the below snap-shot :I think there is a misconfiguration in network design , because the above snap shot is the only possibility to see the self/floating sends traffic if you use the ( SNAT ->> auto map ) option in the first F5-ASM1 Appliance.
So check it again , no further configuration to do from F5 side , the only thing is to check and review your network design configuration and traffic flow paths. - Jan 31, 2023
Hi AK_1947 - did Mohamed_Ahmed_Kansoh or Paulius's replies help you out, or are you still struggling? If one of their replies helped solve your issue, please click "Accept as Solution" so other users with the same issue can find the answer in the future. 🙂
Hi AK_1947 ,
If this available with you , can you share the design of your network , also can you clarify if both of F5 ASM appliances dependant to each other in one flow traffic pass for traffic or independantly separted and each one work alone.
so I need more clarification.
If one of your F5 appliances behind the other and you enable SNAT automap , of course you will see the user public real ip in the first F5 and by SNAT with Automap you will see the traffic sourced by first F5 self ip to the second F5 appliance which i suspect that it’s behind it.
Aslo , What I understood from you that Public ip for the Client " in home or via internet " appears as a public ip/original ip via one of devices and the other display a private or self ip instead of public one.
Let's try to explain it.
We got a cluster in active/passive mode , active member the self-Ip address is display. When the second one is active and the first is passive mode, all is Ok. We got the right information (the public ip address) when we try to access on the link.
Both are behind the Firewall, we use NAT rule, we got the same configuration. The only change is, the first one, we flow in dedicated WAN line. But that would not be the cause I think so.
Apologize for my English, I do my best. If the context isn't clear, I will add more to make it clear.
Thank you for you help
- Jan 24, 2023
Hi AK_1947 ,
Is IP : 10.135.0.53 the self ip address that you mean it appears to you instead public ip address ?Also , Do you mean that Public IP of user should be appear instead of self ip address ?
Also , Do you monitor this behavior by ASM Event logs or explain how does the tool (url) work ?I will follow up your request after clarifying more.
- AK_1947Jan 28, 2023Nimbostratus
Hello
Sorry for the delay I was out off.Find my answers below on yours questions :
Is IP : 10.135.0.53 the self ip address that you mean it appears to you instead public ip address ?
Yes, that's not good for us.
Also , Do you mean that Public IP of user should be appear instead of self ip address ?
Yes, it should be
Also , Do you monitor this behavior by ASM Event logs or explain how does the tool (url) work ?
Yes, it's . Like I said earlier, we got another F5 ASM and when the traffic is on that one, all works.
Both ASM configuration are the same, I got suspicion on ASM network configuration (Interfaces, self IP address and VLAN ) on the one we got the issue.
Best regards- Jan 28, 2023
Hi AK_1947 ,
It’s a strange thing , because you can’t see the Self/floating ip addresses instead of the public or original source ip of the client.
The only way to see that if you have TWO f5 in one path or behind each other Like the below snap-shot :I think there is a misconfiguration in network design , because the above snap shot is the only possibility to see the self/floating sends traffic if you use the ( SNAT ->> auto map ) option in the first F5-ASM1 Appliance.
So check it again , no further configuration to do from F5 side , the only thing is to check and review your network design configuration and traffic flow paths.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com