FAQ: Passing Client IP Through NetScaler When Using SSL BRIDGE

Article ID: CTX204917

Description

Q: Is it possible to pass the client IP to the back-end server when using SSL Bridge?

A: With SSL Bridge, NetScaler cannot send the client IP to the back-end server in an HTTP header, because it does not perform any SSL offloading. NetScaler does not decrypt the SSL traffic, so it cannot add an X-Forwarded-For or Client IP header to the HTTP headers. The client IP can be passed only by enabling USIP mode on the services in NetScaler. If you use the USIP feature, you must set the default gateway of the back-end server to the IP address of the NetScaler. Otherwise the back-end server sends the return packet to another gateway. If that gateway is a firewall, or there is a firewall in the chain, it will most probably drop the return packet, because the firewall did not see the first SYN packet.
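The return-path requirement above can be checked from the back-end server's own route table. The following is an added example, not Citrix code: it parses constructed `ip -4 route show` output from two hypothetical Linux back-end servers and reports whether replies to a given client address leave through the NetScaler IP. All addresses and function names are assumptions.

```python
import ipaddress

# Constructed sample: `ip -4 route show` output from two hypothetical back-end servers.
# 10.0.0.5 stands in for the NetScaler IP, 10.0.0.1 for a firewall gateway.
ROUTES_OK = """\
default via 10.0.0.5 dev eth0
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.20
"""
ROUTES_BAD = """\
default via 10.0.0.1 dev eth0
10.0.0.0/24 dev eth0 proto kernel scope link src 10.0.0.21
198.51.100.0/24 via 10.0.0.5 dev eth0
"""

def parse_routes(text):
    """Return [(network, next_hop or None)] from `ip -4 route show` output."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        dest = "0.0.0.0/0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(dest, strict=False)
        except ValueError:
            continue  # route types not modelled here, e.g. "blackhole ..."
        hop = None
        if "via" in fields:
            hop = ipaddress.ip_address(fields[fields.index("via") + 1])
        routes.append((net, hop))
    return routes

def next_hop(routes, client_ip):
    """Longest-prefix match; None means on-link delivery or no route."""
    ip = ipaddress.ip_address(client_ip)
    matches = [(net, hop) for net, hop in routes if ip in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def returns_via_netscaler(route_text, client_ip, netscaler_ip):
    """True if replies to client_ip leave the server through netscaler_ip."""
    hop = next_hop(parse_routes(route_text), client_ip)
    return hop == ipaddress.ip_address(netscaler_ip)
```

With USIP enabled the server replies to the real client address, so a `False` result for a client range means those return packets take a path that did not carry the original SYN.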
