iRule - Sessions to specific IP on the Backend - ProxyPass?

Question

Hello, 
&nbsp;  
&nbsp; I hope I am explaning this right.  What I need to do is terminate incoming SSL sessions on the F5 VIP then on the backend communication to the server I want all user sessions to be seen as a specific static IP when the request goes to the backend server.  The reason for this is that we need to setup specific caputers and policies on the web server to only allow a specific IP address to access it.  I was told I can set this up by using ProxyPass iRule?  Can this be done? 
&nbsp;  
&nbsp; Please let me know if you need more info. 
&nbsp;  
&nbsp; Regards, 
&nbsp;  
&nbsp; James

hooleylist · Answer

Hi James, 
&nbsp;  
&nbsp; The proxypass iRules are more geared for proxying HTTP requests to alias an external URL to an internal URL.  From what you've described, I think you just need to define the static source IP as a SNAT pool address and then add the SNAT pool to the VIP.  This would ensure that all packets going from LTM to the VIP's pool members would be sourced from the static IP you specify. 
&nbsp;  
&nbsp; Try reviewing the online help on the SNAT page, or search for the SNAT section in the LTM config guide for your version on AskF5.com. 
&nbsp;  
&nbsp; Aaron

Forum Discussion

iRule - Sessions to specific IP on the Backend - ProxyPass?

1 Reply

Recent Discussions

Error when running bigip_command Playbook against LTM : Syntax Error: unexpected argument /bin/sh\n

Can iRule be used to perform exception of IPI category based on Geolocation

Can iRule mask the payload content on event logs of security

minimum tmos software version for connect CIS (openshift)

Chrome V 124+ on MacOS - Virtual Server Access Issue

Related Content

ProxyPass v10/v11

URL Rewrite/ProxyPass Functionality

ProxyPass Lite

Disabling Specific Weak Cipher Suites

find specific SNMP OID