Hello,
I have the follow scenario (Active Inline Multi-ProxySG Capable Fail to Appliance):
LAN -> SSLv (sslv appliance inteface 5) -> ProxySG (sslv appliance interface 6) with a copy port (sslv appliance interface 7) to a Security analytics.
With this topology all mu Security Analitycs rules triggers the IP from ProxySG as Client.
Is that away to make the SSLv deliver the real IP client in this copy interface? Or use a different field on Security Analitycs to show client IP.
Thanks a lot