Forum Discussion

Nimbostratus

17 years ago

ssl - profile

Here is what i want to do : We have SNAT pool configured on our big ip so i use "X-forward-for" http header to log actaul client ip in web server. Now i want to do it for HTTPS. ...

management

monitoring

hoolio

Cirrostratus

17 years ago

1. Agree

2. Generally, it won't work if the server responds back to the client *not* through LTM. If the server responds back to the client from the server's IP address, the client will reject the response because the client established the connection via the virtual server IP address. The exception to this is if you configure the server to respond from the IP address of the virtual server (known as nPath in the F5 world).

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

ssl - profile

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

CVE mitigation on F5 XC vs classic F5 WAF

F5 XC 503 upstream_reset_before_response_started{protocol_error}

UCS Encryption Question

BIG-IP VE: 40G Throughput from 4x10G physical NICs

JSON Web Key Set Endpoint

Related Content

SSL Profiles Part 6: SSL Renegotiation

SSL Profiles Part 5: SSL Options

SSL Profiles Part 8: Client Authentication

SSL Profiles Part 7: Server Name Indication

SSL Profiles Part 1: Handshakes

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS