When using SSL modules in the CSS, does the client source IP address show up on the web server? Or does the CSS do a source NAT so the packet comes back to the SSL module?
That's why you need to make sure the response goes back to the CSS either by pointing the default gateway at the CSS pr by using some sort of policy routing.
The SSL module does not have an IP address assigned to it, so it cannot use its own. The server should see the client IP address, unless you configure source nat specifically by using groups.
-Steve
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
