For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Ed_Summers's avatar
Ed_Summers
Icon for Nimbostratus rankNimbostratus
Jan 20, 2015

Yes it will work if you ensure that the response traffic returns through the LTM. If your pool members (server) utilize the LTM as their gateway, then the traffic will return through the LTM and should be processed successfully. (One caveat: Any clients that reside on the same subnet as your pool members will not work, as the pool member will respond directly to the client.)

 

If this is an HTTP virtual (or HTTPS but you can process traffic on the LTM unencrypted), you also have the option to provide the original client IP address in an 'X-Forwarded-For' header. This would allow you to enable SNAT if requried, while also providing 'real' client IPs to the pool member, albeit in application-layer data. See SOL4816 for more info on X-Forwarded-For.