We have a CSS11501 which do the load balance and SSL proxy for mail cluster. Mail servers behind CSS need originate traffic to outside through different tcp and udp ports. We setup source group which nat private ip adderss to public ip for outbound connection. It works fine for year until yesterday. Some application broken. The sniiffer at outside server saw the private ip address from mail servers. This is only for UDP packet. The TCP looks ok. Rebooting CSS didn't fix the problem. For workaround, we have to route UDP packet to second interface which doesn't got through CSS. Does anyone know why CSS leak un-natted ip address to outside.