Forum Discussion

Nimbostratus

Apr 25, 2016

Client/Source IP is not passed to downstream application

I have VIP in F5 SNAT with x-forward enabled - but SSL is terminated at the backend. We have http profile is set none to make the client mutual authentication to work along with SSL. How do I...

Altocumulus

I guess it depends on how you've designed your environment, but at a minimum you need to allow the BIG-IP to be able to see "inside" the encrypted traffic. You can do this by either SSL offloading or SSL bridging, you can then enable a http profile with the insert x-forwarded-for option enabled.

Ryannnnnnnnn

Altocumulus

Apr 26, 2016

What vulnerability, can you elaborate please?

Forum Discussion

Client/Source IP is not passed to downstream application

Recent Discussions

Server 2 causing application slowness

F5Access | MacOS Sonoma

AS3 Deployments (shared objects)

Inquiry on F5's Maintenance Mode Feature for Pool Members

Ansible modules for F5OS

Related Content

Enhance your Application Security using Client-side signals

F5 BIG-IP per application Red Hat OpenShift cluster migrations

Enhanced Modern Applications and MicroServices SSO with NGINX

Community Learning Path: Web Application and API Protection (WAAP)

Adaptive Apps: Replicate & deploy WAF application security policies across F5's security portfolio