Forum Discussion
AceDawg1
Jun 19, 2018Nimbostratus
To obtain the source IP address of the client rather than the self-ip/SNAT address of the F5, you must do the following:
- Configure the SNAT setting on the virtual server to none
- Configure the AD servers to use the self-ip address of the F5 as default gateway*
*The F5 will have to have layer 2 adjacency to the AD server(s). In other words, at least one F5 interface will need to have VLAN configuration on the same VLAN(s) as the AD server(s)
- paulpatriot_129Jun 19, 2018Nimbostratus
Unfortunately, I was hoping for a better solution as I didn't want to have to make a bunch of configuration changes to make this work. Thanks
- AceDawg1Jun 19, 2018Nimbostratus
For future reference, web based applications can obtain the true client IP address by way of the x-forwarded-for header. This approach eliminates the need for network reconfiguration:
https://support.f5.com/csp/article/K4816