Forum Discussion
NimbostratusRetain the original source ip address on SMTP VS
Hi
I have a SMTP virtual Server with snat pool enable on it. the problem is that now the Microsoft Exchange team want to see the real client ip address on their servers, how can i achieve it.
my F5 software version is 11.4
any help would be highly appreciated.
9 Replies
TechTHi Siru, you can try inserting [IP::client_addr] in the xff(x-forward-for) header using HTTP profile or an iRule.
siru_129409Hi Manesh, thanks for your reply
yes, for http VS we can enable xff, are you sure about the SMTP VS...? or if you have any i rule for this can you please share..?
TechT_163800didnt catch the question properly... not sure about SMTP.
amolariCirrostratus
do not use snat for that VS. You might have to change your network settings/design.
- siru_129409
Hi Amolari, Actually i want to change my network settings, can i achieve it using nPath routing or iRule or any ohter workaround solution..?
- No irules are necessary. You must simply disable SNAT. When BIG-IP receives a connection, the source address is translated (or not) depending on those settings. The GUI path is: Local Traffic => Virtual Servers => (your smtp virtual) => Source Address Translation none means "don't NAT source address"
- siru_129409
Hi Amolari, Actually i dont want to change my network settings, can i achieve it using nPath routing or iRule or any ohter workaround solution..?
Ronald_van_der3It is hard to retain the original source IP if you cannot disable SNAT. Disabling SNAT means the return traffic should also pass through the F5, which is usually a change in network design.
- MVA
We used GTM instead and it works great for our Exchange SMTP.
