05-06-2009 02:42 PM
It is not possible for every protocol. It is possible for all HTTP based communications. Some protocols like FTP, RTSP and a lot of others do not support it to change the traffic on the fly and to insert the IP address of the client in case it is getting hidden due to source NAT.
Nevertheless it is possible to do this in case of HTTPS - HTTPS is HTTP based on it is no problem at all to insert an additional HTTP header with the original client IP in.
It is possible as soon as the ServerIron is doing SSL offload. You can not inser the client IP into the encrypted traffic - you do need to decrypt it first of all. That implies you do need to do SSL offload/acceleration at the ServerIron. Looking at the ADX you do need to ensure you are running at least release 12.1 or higher (with SSL acceleration in).
I am going to post an example as soon as possible.