True Source IP address

Question

Currently using an F5 to load balance a Websense web proxy deployment.  Using the vendors "; iApp template to load balance the traffic between blades which is working. The issue is that the proxy logs show the FIP of the load balancer rather than the true IP of the users system.  I am not using SNAT, XFF is enabled on the HTTP services profile, XFF is also enabled on the web proxy.&nbsp;
What am I missing here?&nbsp;

faheda_5424 · Answer

When you say FIP, do you mean the LTM vip, or the real IP address of the LTM?  If you aren't using SNAT, then I'm assuming that the websense boxes have their default GW set to the F5s? &nbsp;
If SSL is involved (depending on how the proxy architecture is set up), I've run into the issue before if its passthrough and the LTM can't inject the header since it isn't terminating the SSL transaction and thus can't manipulate the HTTP requests midstream.&nbsp;

jaikumar_f5 · Answer

I'd say you need to take route on checking how websense proxy honors to capture the client IP from the XFF Header.&nbsp;

ithomas · Answer

Faheda's comment made me a bit curious and dig a bit deeper.  Looks like there is a SNAT in use through the iApp even though its not immediately visible through the config.  Jaikumar, I will have to look into the header information getting to the proxy.&nbsp;
Greatly appreciate both of your input into this topic.&nbsp;

Forum Discussion

True Source IP address

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

CSV to Address External Datagroup File

ICMP Custom Source Address Monitor

Is it possible to choose the access profile used based on source IP address?

Limit source address without address list

Ipv6 address

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS