We've been asked to set something up so following a website release testers can connect to a webserver based on a URI to ensure the release is fine before enabling within the Pool. We've created a policy which checks for an appended URI at request time and if found sends the request from the tester to the appropriate webserver. What we need to do is restrict this for production so only the testers can do this, not general public. As the F5 does SNAT before hitting the web servers we thought we could also add a HTTP header to check for XFF header for the testers ip address. Unfortunately this doesn't seem to work. Does this seem a reasonable way to solve this problem and if so any ideas why it might not be working.