Reflect Client IP in ADN Environment

book

Article ID: 166850

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

(1)  What settings need to be configured on the  Core ProxySG and Edge ProxySG to reflect the client IP address?

Configuration on the  Edge/Branch Proxy (Enable Reflect Client IP)

Option 1: Globally enable the Reflect Client IP on the ProxySG

Select Configuration > Proxy Settings > General > Reflect Client IP


Option 2: Enable client IP reflection through policy, on the basis of source or destination IP address. For example :

<Proxy>
     client.address=x.x.x.x reflect_ip(client)  

 

Configuration on the  Core ProxySG (Allow Reflect Client IP)

Select Configuration  > ADN  > Tunneling   > Network  > Reflect Client IP. Select Allow the requets and Reflect the Client IP.

 

(2) Is it possible for the Core ProxySG to send out the traffic to the Internet with the source IP address of the Edge ProxySG? (Given Reflect Client IP is not enabled on the Edge ProxySG)

The answer to this is NO. If the Core and the Edge ProxySGs are in an ADN deployment, then there is currently no way the Core ProxySG can send out the traffic to the Internet with the Edge proxy IP as the source IP address.