Symantec Email Gateway behind F5

Question

I would like to use F5 in order to provide high availability across two Symantec Email Gateways. Symantec Email Gateways have to see the real Source IP in order to filter out emails based on IP reputation, that means i can't do a SNAT on F5 and hence gateway on Symantec should be F5. But i don't want Symantec's gateway to be F5. Is there any other way i could pass the real source IPs from F5 to Symantec Email Gateway? As far as i know Xforwarding will not work as Symantec does't support it.

snl · Answer

use dual arm or inline &nbsp;

stanislas_piro2 · Answer

Hi,&nbsp;
Since F5 load balance SMTP, the answer is still the same...&nbsp;
X-Forwarded-For header is only compatible with HTTP(S) protocol.&nbsp;
In SMTP, Received header (inserted by each SMTP relay) is in the header of Data and not in SMTP conversation. so you have to listen all SMTP conversation to catch start of DATA, then insert Received Header.&nbsp;
Until F5 doesn't create SMTP irule events, it will be difficult to do this... maybe you can be the one who will success :-)&nbsp;
The other solution is to define the BIGIP as default gateway.&nbsp;

Forum Discussion

Symantec Email Gateway behind F5

Recent Discussions

AS3 Limitations

Diameter iRules attachment?

Help needed with iRule (connection closed log )

Use of SSL Decryption.

VLAN Failsafe Functionality

Related Content

F5 AI Gateway - Secure, Deliver and Optimize GenAI Apps

Integrating SSL Orchestrator with Symantec ProxySG: Explicit Proxy

API Gateway Mapping - Gartner - F5

Integrating SSL Orchestrator with Symantec ProxySG: Transparent Proxy

Load Balancing Omnissa Unified Access Gateway with BIG-IP LTM

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS