Broda_146178
Oct 23, 2014

Visibility of the source address of packet to the application server

Hi All,

I have an issue with the configuration of F5 LTM. My client requires that the application servers see the real source addresses of the incoming packets. One solution is to disable SNAT and set the default gateway on the application servers to the F5. But this is impossible because of our client's infrastructure (it's a long story...). Second solution... Lately I read about nPath, but, prove me wrong, it's a technology for the app server's outgoing packets (direct server return). Is there any other way (not with the first solution), for example: to set up nPath to do it?

Regards, Broda

 

2 Replies

  • Hamish

    There's a number. If it's HTTP, you could set the XFWD-For header. (Inserts client IP in the HTTP headers). Or if the app is capable you could still SNAT and use the TCP options to insert the client IP into the TCP headers, e.g. with this code from the TCP::Options page on DevCentral.

     

    when SERVER_CONNECTED {
      scan [IP::client_addr] {%d.%d.%d.%d} a b c d
      TCP::option set 29 [binary format cccc $a $b $c $d] all
    }

    Note that this requires the app to be able to read the options header of course...

     

    Oh... Policy routing the traffic so it still passes back through the BigIP (No nPath) and you don't have to use a default gateway (You'd do this for various WAN accelerators as well with a route-map on the routers, so it's not something that would be unfamiliar to your networking people I'd suspect)

     

    H
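
For the TCP-option approach in the reply above, the application side has to read option 29 itself. The following is an added example (not from the thread or from F5) that parses the option out of a raw TCP header and only believes it when the peer is the load balancer. How the application obtains the raw header (for instance from a packet capture) is outside the example; the standard kind/length/value option layout, the sample bytes and the 10.0.0.5 proxy address are assumptions.

```python
import ipaddress
import struct

CLIENT_IP_OPTION = 29  # option kind the iRule above writes

def parse_tcp_options(tcp_header: bytes) -> dict:
    """Return {kind: value} for the options in one raw TCP header."""
    if len(tcp_header) < 20:
        raise ValueError("truncated TCP header")
    header_len = (tcp_header[12] >> 4) * 4      # data offset, in bytes
    if header_len < 20 or header_len > len(tcp_header):
        raise ValueError("bad data offset")
    opts, i, found = tcp_header[20:header_len], 0, {}
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                           # End of Option List
            break
        if kind == 1:                           # NOP padding, no length byte
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("option missing its length byte")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            raise ValueError("bad option length")
        found.setdefault(kind, opts[i + 2:i + length])  # first one wins
        i += length
    return found

def client_ip_from_options(tcp_header, peer_ip, trusted_proxies):
    """Client IPv4 from option 29, or None. Only a trusted proxy is believed."""
    if ipaddress.ip_address(peer_ip) not in trusted_proxies:
        return None
    value = parse_tcp_options(tcp_header).get(CLIENT_IP_OPTION)
    if value is None or len(value) != 4:
        return None
    return ipaddress.IPv4Address(value)

# Constructed sample: SYN header with MSS, option 29 = 203.0.113.7, two NOPs.
SAMPLE_HEADER = struct.pack("!HHIIBBHHH", 40000, 443, 1, 0, 8 << 4, 0x02,
                            65535, 0, 0) + bytes.fromhex("020405b4" "1d06cb007107" "0101")
# Assumed BIG-IP SNAT/self IP that the server sees as the peer.
TRUSTED_PROXIES = {ipaddress.ip_address("10.0.0.5")}

if __name__ == "__main__":
    print(client_ip_from_options(SAMPLE_HEADER, "10.0.0.5", TRUSTED_PROXIES))
```

The peer check matters because any host that can reach the server directly could set option 29 to an arbitrary address; the value is only meaningful on connections that arrive from the BIG-IP.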

     

  • Thanks for quick reply.

     

    It's a banking application. There is some HTTP traffic, but not only. My client doesn't know exactly what the other traffic is.

    I will try and let you know about the results.

     

    Broda