SNAT source address, source port

Question

Hey Folks,&nbsp;
I have a Citrix Gateway deployed behind a BigIP LTM, and I would like to track the connection of a certain user. I can see the source address, source port and the SNAT translation with this command:&nbsp;
conn server 151.x.x.x show all&nbsp;
So, I see that although the address is translated to one of the SNAT addresses in a pool of 7, the source port remains the same, so I can use the port to identify the user.
The problem is when I have 8 port matches from 8 different connections. I guess the LTM is forced to change the port...
How can I detect when this happens ?&nbsp;
Thanks,
Fabian&nbsp;

what_lies_bene1 · Answer

You can't I'm afraid (without some real advanced shell script-fu anyway). I'd suggest you use an iRule to log as necessary. Let me know if you need help with that.&nbsp;

dicky_moe_13167 · Answer

ok. Thanks anyways.&nbsp;

Forum Discussion

SNAT source address, source port

2 Replies

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

The Power of Source Address

How to ensure source address and source port are accepted and traversed properly via F5 SNAT automap

source address persistence maximum session timeout

How to rewrite the source IP address to an URL

iControl Library For Java With Source