Forum Discussion
youssef1
Mar 26, 2019Cumulonimbus
Hi,
the only way to provide the actual IP of the client is to switch to npath or put the F5 as GW for sharepoint servers.
If you set F5 as GW of your sharepoint server it can work but it's like inline...
For preserving CAC you have multiple choice:
- you can swith your ssl termination on Sharepoint
- SSL proxy.
- Authenticate user on F5 side then uses Client Certificate Constrained Delegation (C3D) to support complete end-to-end encryption when interception of SSL traffic in a reverse proxy environment is required and when client certificates are used for mutual authentication.
Hope it will help you.