See real ip of the client - TCP VIP

Question

SETUP:VIP - 1.1.1.1:49pool - 2.2.2.2:49 and 3.3.3.3:49snat - automap&nbsp;so this is a tacacs setup, so the pool members only allow real ip of the devices and not snat ip of the F5. How can we set this up on the VIP? By the way I tried x-forwarded-for but it doesn't work since it is for HTTP. Please help.&nbsp;&nbsp;

maryv · Answer

If your F5 has an IP in the same subnet as your TACACS servers you don't need to enable SNAT. You just need autolast hop enabled &nbsp;https://support.f5.com/csp/article/K13876

koalan · Answer

Hi thank you for your response. But what if they dont have an IP under same subnet. They are already in place in different networks. Is there any other way I can do?

maryv · Answer

Not on the F5 as far as I know, but the clients should be able to to populate the rem_addr field?

koalan · Answer

i am sorry but i am not familar with rem_addr

Forum Discussion

See real ip of the client - TCP VIP

Recent Discussions

APM with EntraID as idP / request signed

Should config via cli rather than gui?

Background Tasks

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Real Attack Stories: Bank Gets DDoS Attacked

Real Attack Stories: DDoS Against Email Provider

Real Attack Stories: Online Payment Center DDoS

Real Attack Stories: The "MOP Sink" Attack

Enhance your Application Security using Client-side signals – Part 2

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS