Performance L4 VS - HTTPS [X-forwarded-for]

Question

Would someone confirm or share their experience

Can we have original client address passed through fastl4 profile to server on Performance L4 VS?

We have HTTPS [443] Performance L4 VS and trying to pass original client address to server. Server hosts the SSL certificate.

paulius · Accepted Answer

AP15 Regardless of the profile you are using you cannot modify or view anything that is encrypted without the SSL cert. If you want to do anything on the F5 with encrypted traffic you would have to terminate traffic at the F5 and if the server has to also have traffic be HTTPS you can re-encrypt the traffic using the SSL Server Profile. Second to this you should not be able to manipulate HTTP traffic either it being HTTPS or HTTP with a fastL4 profile.

Forum Discussion

Performance L4 VS - HTTPS [X-forwarded-for]

1 Reply

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

iRule for AFM IP Intelligence security policy to work with HTTP XFF (X-Forwarded-For) headers

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

TCP Option 28 X-Forwarded-For Header

X-Forwarded-For on L4 VS

X-Forwarded-For Log Filter for Windows Servers