brad_11440
Sep 11, 2010Nimbostratus
LTM, X-Forwarded-For, IIS and AD
We have a home grown HTTP web application (IIS) that authenticates into Active Directory. Before, it was set up on a LTM with two pools (SNAT and no_SNAT). The pool members were configured to have the LTM be their default gateway. I feel this is bad design as that forces non-load balanced traffic through the LTM.
The option I prefer is using the HTTP profile X-Forwarded-For option to present the real client IP in the HTTP header. Has anyone ever specifically used this option with IIS and Active Directory ? The developers are going to need guidance that as of right now, I really can't provide.
Also is my statement that having servers change their default gateway to the LTM "bad design" accurate, in your expert opinions ? I came into this company after that solution was already in place.
Any help at all would be GREATLY appreciated!
Thanks!