Forum Discussion

MAARADJI
Dec 16, 2020

Public IP of web client

The developer wants to receive the IP address of the end client on the web server to do some statistics, but the F5 BIG-IP WAF does not send the public IP address; the WAF sends its own self IP. Is there a solution to use the reverse proxy of the WAF without using SNAT or automap?

The image shows the objective of what we want.

Thank you

7 Replies

  • 1. If you do not want to use SNAT/Automap, you can use the F5 in routed mode. In this type of architecture, you need to point the default gateway of the web server to the F5. With this, the web server will see requests from the actual client IP (as per the developer's objective).

    2. There is one more option, i.e. using the X-Forwarded-For setting under the HTTP profile. With this, you can use SNAT/Automap on the VS and the F5 still sends the actual client IP in its header. So in the HTTP header, the web server can see the client IP. For this, you need to enable advanced logging at the web server end.


    Hope it helps you !
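
For the X-Forwarded-For option in the reply above, the web server should use the header only when the connection arrives from the BIG-IP itself, because any other sender can set it freely. The following is an added example, not part of the original thread or of F5's documentation; the self IP `10.0.20.5`, the sample addresses and the function name `client_ip` are assumptions made for illustration.

```python
import ipaddress

# Assumption: self IP(s) the BIG-IP uses as SNAT source toward the web server.
# Constructed value; replace with the real self IP or SNAT pool.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.20.5/32")]


def _trusted(ip):
    """True if ip belongs to one of the trusted proxy networks."""
    return any(ip in net for net in TRUSTED_PROXIES)


def client_ip(peer_addr, xff_values):
    """Return the address to record as the client for statistics.

    peer_addr  -- TCP source address the web server sees
    xff_values -- list of X-Forwarded-For header values, one per header line
    """
    peer = ipaddress.ip_address(peer_addr)
    if not _trusted(peer):
        # Connection did not come through the proxy: ignore the header.
        return str(peer)

    # Flatten repeated headers and comma-separated lists, keeping order.
    hops = [h.strip() for v in xff_values for h in v.split(",") if h.strip()]

    # Walk right to left: the rightmost entry was added by the trusted proxy,
    # anything further left may have been supplied by the client.
    for hop in reversed(hops):
        try:
            ip = ipaddress.ip_address(hop)
        except ValueError:
            break  # malformed entry: stop and fall back to the peer address
        if not _trusted(ip):
            return str(ip)
    return str(peer)


if __name__ == "__main__":
    # Constructed samples: (peer address, X-Forwarded-For header values)
    samples = [
        ("10.0.20.5", ["203.0.113.7"]),
        ("10.0.20.5", ["1.2.3.4, 203.0.113.7"]),
        ("198.51.100.9", ["1.2.3.4"]),
    ]
    for peer, xff in samples:
        print(peer, xff, "->", client_ip(peer, xff))
```
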

  • Can you show me an example or a tutorial of how to implement the routed mode?

  • Hi,

    Thank you for your response.

    Please, I have no idea how to implement this routed mode; can you send a link that explains it with an example?

    Thank you in advance for your help.


  • Please find attached a high-level connectivity diagram for routed mode.

    Normally, as you know, SNAT/Automap is enabled to avoid asymmetric routing issues for application requests coming via the F5. This is because, most of the time, the backend web server's default gateway is set to the core switch/router and not the F5. With these SNAT settings, the actual client IP is not visible at the web server end. This is your current case.

    Now in routed mode, the web server gateway points to the F5 IP address. So the asymmetric routing issue will not occur in this type of architecture, as the response to a client request coming from the F5 will go back through the F5 only. There is no need to enable SNAT/Automap settings. In this case, the actual client IP will be visible at the web server end. This is your requirement/use case.

    In a routed mode architecture, you may need to add network and VLAN configuration on the F5 for the web server subnet.

    Hope it helps you!

    Mayur

  • Hi,

    Thank you for your help. I understood well and I was able to realize it thanks to your explanation.