Application Delivery (ADX)

Reply
Occasional Contributor
Posts: 17
Registered: ‎08-19-2008

Is it possible to use client-ip insertion for every protocol?

Is it possible to use client-ip insertion for every protocol? e.g. HTTPS

Super Contributor
Posts: 316
Registered: ‎05-01-2009

Re: Is it possible to use client-ip insertion for every protocol?

It is not possible for every protocol. It is possible for all HTTP based communications. Some protocols like FTP, RTSP and a lot of others do not support it to change the traffic on the fly and to insert the IP address of the client in case it is getting hidden due to source NAT.

Nevertheless it is possible to do this in case of HTTPS - HTTPS is HTTP based on it is no problem at all to insert an additional HTTP header with the original client IP in.

It is possible as soon as the ServerIron is doing SSL offload. You can not inser the client IP into the encrypted traffic - you do need to decrypt it first of all. That implies you do need to do SSL offload/acceleration at the ServerIron. Looking at the ADX you do need to ensure you are running at least release 12.1 or higher (with SSL acceleration in).

I am going to post an example as soon as possible.

Super Contributor
Posts: 316
Registered: ‎05-01-2009

Re: Is it possible to use client-ip insertion for every protocol?

Check this out:

Happy?

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook