I'm confused. Are you asking about the reverse proxy ('Web Application Security') or about about NAT? It is possible to use a DNAT to change traffic from one public IP to another defined on the ASG. If that's not the question you were asking, please ask again in a different way.
When you define the External interface, WebAdmin creates a special object "External (Address)". When you define an 'Additional Address' named "Special" on the External interface, WebAdmin creates an object "External [Special] (Address)".
To change the traffic from one IP to another, use a NAT rule as follows:
Traffic Source: {Network Group of special sources that should go to other IP} Traffic Service: {Services Group of ports used for the special group} Traffic Destination: External (Address)
NAT mode: DNAT (Destination)
Destination: External [Special] (Address) Destination Service: {This must be left empty!}
For example: I have two laptops : Laptop1 (IP1), Laptop2 (IP2) & I have one web server
Normal situation : When my two laptops through the ASG DNAT to my web server The DNAT rule Set : Traffic Selector : Any > HTTP > External(address) Destination translation : Web Server > HTTP
After that, I visit my web server, then I saw the log of my Web Server, the source IP is coming from "ASG External(address)". Laptop1,2 (IP1,IP2) > ASG NAT(External address) > Web Server (Log source IP = External address)
My situation: Can I after the NAT rule, the source IP is using IP1/IP2 to visit my web server? laptop1,2 (IP1,IP2) > ASG NAT (External address) > Web Server (Log source IP = IP1&IP2)
