How do I enable the HTTP X-Forwarded-For header on an Edge SWG (ProxySG)?

search cancel

How do I enable the HTTP X-Forwarded-For header on an Edge SWG (ProxySG)?

book

Article ID: 166079

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

How do I enable/disable the HTTP X-Forwarded-For header on an Edge SWG (ProxySG)?

Environment

My web-based application needs the source IP address of my workstation, but the IP address of my Edge SWG (ProxySG) is showing up instead of my workstation's IP address.
The Edge SWG (ProxySG) IP address is present at destination, but need the client workstation's IP address.

Resolution

Use the "X-Forwarded-For" command from the command line interface (CLI) in order to pass on the workstation's IP address, but the source IP address of the packet will contain the IP address of the Edge SWG (ProxySG). To enable the X-Forwarded-For http header, login to the CLI and do the following commands:

ProxySG>enable Enable Password: ProxySG#config t Enter configuration commands, one per line. End with CTRL-Z. ProxySG#(config)http add-header x-forwarded-for ok ProxySG#(config)exit ProxySG#

Please note: in order to add the X-Forwarder-For header to HTTPS traffic, traffic must be SSL decrypted.

To disable or turn off the x-forwarded-for header, please do the following command from the CLI:

ProxySG>enable Enable Password: ProxySG#config t Enter configuration commands, one per line. End with CTRL-Z. ProxySG#(config)http no add-header x-forwarded-for ok ProxySG#(config)exit ProxySG#

For more information regarding the X-Forwarded-For header, please see the Configuration and Management Guide (CMG).

Feedback

thumb_up Yes

thumb_down No