Forum Discussion
zamroni777
Feb 27, 2024Cumulonimbus
what is the applicaton layer of the service?
if it is http/s based, then with f5 snat enabled, f5 can put the client ip in XFF header and then webservers usually can read client ip address from that XFF header.
if not http/s, then check whether if it's possible to add routing entries in webserver: f5 server side self ip as router for traffic to specific source subnets.
if yes, then you can safely configure with f5 snat disabled.
basically, f5 prefers client requests and server responses go through f5.