AFM Logging Proxy Protocol Header Sent by F5 XC

Question

Hello,We are using F5 distributed cloud XC DDOS service for our published services in proxy mode all traffic coming to F5 BIG-IP AFM sourced from XC IP ranges, at the same time XC is inserting "PROXY Protocol" version 2 header. I need your help to know how to extract "original IP" from header and send it to an external syslog server via irule or any other way.&nbsp;Thanks&nbsp;

aswin_mk · Answer

Hi, i just have a qustion, is it not possible via x-forwarder-for option in http profile if the traffic coming to LTM?
&nbsp;

saad_deif · Answer

HiYes irule is applied on LTM virtual server and injects client original ip found in "PROXY Protocol" header. But I need to apply a similar irule on AFM as some services are not running on LTM.

nikoolayy1 · Answer

Aren't you using the irule Proxy Protocol Receiver | DevCentral ? You can log the variables that have the real IP address and if you need help XC has https://www.f5.com/products/ai-assistant that can help you do it faster.
&nbsp;
You need to still have layer 3/4 VIrtual server as if you are using something like virtual wire see Virtual-wire Configuration and Troubleshooting | DevCentral and my comment as "vlangroup.forwarding.override" is needed so you layer 3 wildcard to capture the traffic and not the pre-build&nbsp; internal virtual servers.

Forum Discussion

AFM Logging Proxy Protocol Header Sent by F5 XC

3 Replies

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Not seeing the latest F5OS-A when running Journeys

Related Content

Log Http Headers

F5 MCP(Model Context Protocol) Server

Managing Model Context Protocol in iRules - Part 3

Proxy Protocol v2 Initiator

Managing Model Context Protocol in iRules - Part 1

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS