--> Generally we enable SNAT settings on F5 virtual server to avoid asymmetric routing or not to have the F5 as default gateway for Servers and due to this backend web server can't see actual client IP unless we enable x-forwarded-for settings under http profile.
--> Some times we would need to capture the Client IP address which is trying to access the virtual server address of F5.
--> We have to create the following I Rule in F5 to capture the Client IP address
when CLIENT_ACCEPTED {
# Log the Client IP address in Var/log/ltm
log local0. "The Connected Client IP address is [IP::client_Addr]"
}
--> Then attach the Irule under Virtual Server ( Virtual Server > Resources > irule)
--> Access the CLI of F5 LTM and execute the below command to see the Client IP address:
cat /var/log/ltm | grep The Connected Client IP address is
Best Regards,
Kareem
0 comments:
Post a Comment