The default configuration for a Virtual System is to send requests to authentication servers with source IP address of VSX Gateway / VSX Cluster:
In SmartDashboard, open Virtual System object - expand "Other" in the left pane - click on "Legacy Authentication" - refer to section "Authentication Servers Accessibility (including LDAP)" - the default is "Shared (servers are accessible from the VSX gateway/cluster".
Example:
