When the web proxy forwards a request, it changes the request source IP address to match its own address by default. This
increases security, but you can change this behavior by implementing IP spoofing, so that requests retain their source address
and appear to originate from the source client rather than from the Web Security appliance.
IP spoofing works for transparent and explicitly forwarded traffic. When the Web Proxy is deployed in transparent mode, you have the choice to enable IP spoofing
for transparently redirected connections only or for all connections (transparently redirected and explicitly forwarded).
If explicitly forwarded connections use IP spoofing, you should ensure that you have appropriate network devices to route
return packets back to the Web Security appliance.
When IP spoofing is enabled and the appliance is connected to a WCCP router, you must configure two WCCP services: one based
on source ports and one based on destination ports.