Forum Discussion

Nimbostratus

Sep 28, 2008

tracking user sessions when snatting

I am looking at changing configuration for load balancing so that we use a snat pool rather than passing the original client IP back to the webservers. Snat will save me many headaches with routing, ...

Cirrostratus

Sep 29, 2008

As skottieb suggested, using an XFF header is the typical way to track the original client IP address for HTTP requests through a device which performs source address translation to ensure symmetric routing. SOL4816 has some additional information on hwo to configure IIS and Apache to log the custom header (Click here). If you are using the XFF header for something other than reporting, you should consider removing any existing XFF headers in the request. You can do this by configuring the HTTP profile's 'Request Header Erase' field with X-Forwarded-For.

Aaron

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

tracking user sessions when snatting

Jonathan - March 2026 Featured Member

F5 AppWorld 2026 Las Vegas - iRules Contest Winners!

2026 F5 DevCentral MVP Announcement

Recent Discussions

Recommendation for Adv. Lab

Unable to Forward APM and AFM Logs to AWS CloudWatch Using Telemetry Streaming

How to configure ssh access by key on F5OS

F5 BIG-IP DNS/Audit Logs — Structured Format for SIEM Ingestion

Bot Defense causing a lot of false positives

Related Content

F5 Architecture Track Sessions - AppWorld 2026

F5 XC Session tracking and logging with User Identification Policy

Tracks, Hacks, and Time to Relax

MCP Session Affinity With F5 NGINX Plus

LLM Streaming Session Pinning for WebSocket AI Gateways

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS