Forwarding real client IP addresses to the ThreatPulse service when using proxy forwarding
Last Updated May 13, 2017
When proxy forwarding is used in conjunction with the ThreatPulse cloud service, only the public IP address of the proxy is appearing in reports.
This prevents you from configuring policy rules based on source IP addresses and also from running reports on client IPs.
Use the "X-Forwarded-For" command from the command line interface (CLI) in order to pass on the workstation's IP address, but the source IP address of the packet will contain the IP address of the ProxySG. To enable the x-forwarded-for HTTP header, login to the CLI of your ProxySG and run the following commands:
ProxySG>enable Enable Password: ProxySG#config t Enter configuration commands, one per line. End with CTRL-Z. ProxySG#(config)http add-header x-forwarded-for ok ProxySG#(config)exit ProxySG#
To disable or turn off the x-forwarded-for header, please run the following commands from the CLI:
ProxySG>enable Enable Password: ProxySG#config t Enter configuration commands, one per line. End with CTRL-Z. ProxySG#(config)http no add-header x-forwarded-for ok ProxySG#(config)exit ProxySG#
For more information regarding the X-Forwarded-For header, please see the Configuration and Management Guide
Imported Document ID: 000009457
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe
Thanks for your feedback. Let us know if you have additional comments below. (requires login)
Subscribed to the Article.
Unable to subscribe
Thanks for your additional feedback !!!
Enterprise Support Virtual Agent
Rate Me :
Tell us more:
Welcome! My name is Sami, the Enterprise Support Virtual Agent answering technical support questions.