Forum Discussion

Cameron_14291's avatar
Icon for Nimbostratus rankNimbostratus
Apr 24, 2012

SNAT IP is messing up Auditing




I am an F5 newbie.


We have a VIP set up using SNAT to access our Application servers.


The auditing tool we use to identify unique users does not work as it always registers the SNAT IP.



Is there a way to configure an iRule to have the packet include the original source IP address?




Thank you in advance for any help...!



1 Reply

  • If it is HTTP or HTTPS app (and your offloading SSL on the BIG-IP), then you can use the HTTP profile to insert client IP and extract in on the server for logging it in usual location.



    With Apache, this is pretty trivial as illustrated in article at the following link:



    With IIS, it requires a bit more work to accomplish: