Capture IP of Client Traffic

Hi Jason,

 

 

You can enable the XFF option on a custom HTTP profile to log the original client IP LTM sees on Apache. Try searching AskF5.com or these forums for X-Forwarded-For for related info:

 

 

SOL4816: Using the X-Forwarded-For HTTP header to preserve the original client IP address for traffic translated by a SNAT

 

https://support.f5.com/kb/en-us/solutions/public/4000/800/sol4816.html

 

 

Aaron

Thanks for the link. I will be sure to have a look and attempt to implement.

 

 

Jason

We actually needed to do the same thing: get the client ip.

 

 

However, we had a non-HTTP application - basically a custom TCP application. Therefore, we could not use the solution of adding something to the HTTP headers.

 

 

We had to do the following in order to get the client ip address to our custom TCP application:

 

 

1. Create a IP forwarding virtual server..you can use this link here to see the details of how: https://support.f5.com/kb/en-us/solutions/public/7000/500/sol7595.html -- you can do all of that configuration via the GUI.

 

 

In the GUI you would go to "Local Traffic" -> "Virtual Servers" -> "Profiles"

 

Click on "Protocol" -> "Fast L4"

 

Create a new custom profile with the parent being "Fast L4"

 

Make sure "Loose Initiation" is checked - you will need to make sure custom is checked.

 

Make sure "Loose Close" is checked - you will need to make sure custom is checked.

 

 

Create a new virtual server

 

For the type pick "Forwarding (IP)"

 

For the Destination click on "Network" and enter 0.0.0.0 for the address and 0.0.0.0 for the mask

 

For the service port pick "All Ports"

 

In the protocol profile, pick the custom "Fast L4" profile you created above.

 

 

 

2. Set the default gateway of the web server (in our case, the application server) to point to the IP address of the BIG-IP.

 

 

Once we did that we saw the client ip address correctly on our application server.