Maintaining client Source ip using Source nat

eveaevea Member
Hi,

Please bare with me i am new in aflex and need to know if it is possible to maintain the source ip address of the client in Proxy SG bluecoat using sourcenat.

Any feedback is highly appreciated.

Thanks!

Comments

  • amehtaamehta Member
    edited December 2016
    Hello,

    To add the client’s IP address back to the request, you do not need to change
    the network configuration or NAT settings. Instead, you can simply enable
    the ACOS device to insert the client’s IP address into the header of the client’s
    GET request before sending the request to a real server using the insert-client-ip option in the http template.

    HTTP template option

    insert-client-ip [http-fieldname] [replace]
    The http-fieldname option specifies the HTTP field, for example:
    X-Forwarded-For. Without this option, the client IP address is inserted into
    the X-ClientIP field.
    The replace option replaces any client addresses that are already in the
    header.

    Example
    slb template http clientip-insert
    insert-client-ip "x-Forwarded-For"

    slb virtual-server test 10.0.0.1
    port 80 http
    service-group test
    source-nat pool pool-test
    template http clientip-insert


    -Aditya M Mehta
    PS Engineer
    A10 Networks Inc.
  • eveaevea Member
    edited December 2016
    Hi Aditya:

    Thank you very much for your feedback.

    We already tried this and it worked.

    Cheers,
    netcrawler
  • mlmarcelomlmarcelo Member
    edited June 2018
    Hi Netcrawler/Aditya,

    I have the same problem.

    I just want to know if configuration on Proxy SG also needed?

    BR
    Nick
  • diederikdiederik Member
    edited June 2018
    Yes, you need to inform the Proxy SG now to not just look at the source IP address.

    Not sure if this is still current, but have a look at:

    Use Effective IP to Determine the Origin IP
Sign In or Register to comment.