Forum Discussion
Big-IP - X-Forwarded-For
Hello,
Currently I have two public virtual servers for the same web app. One VS listening on 80 with an iRule that directs to https. The second VS listening on 443. The problem is the Big-IP is not sending thru the source IP and the servers are looking for X-Forwarded-For or REMOTE_ADDR . Can you please tell me how to the add the source IP?
Thank you,
- Kevin_Stewart
Employee
Have you enabled the XFF header option in the HTTP profile applied to the 443 VIP? That's the easiest way to do it.
- sysadmin_2015_2
Nimbostratus
Yes, I have enabled "Insert X-Forwarded-For" on the https VS but its still not working.
Thank you for your help,
- Kevin_Stewart
Employee
How do you know that the XFF header isn't being sent by the BIG-IP? If the traffic is unencrypted on the server side of the BIG-IP, do a quick tcpdump capture to see what the request looks like:
tcpdump -lnni 0.0 -Xs0 host [IP of server]
The -Xs0 option will show you the full HTTP payload of the requests and you should see the X-Forwarded-For header there with the XFF option enabled.
- alex100
Cirrostratus
Do you have a ssl profile enabled on your https VS. If not you need one.
- sysadmin_2015_2
Nimbostratus
Hello,
Once I fixed a routing issue, the XFF header option in the HTTP profile worked.
Thank you for your help,
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com