Extracting http header- Client IP address
X-Forwarder-for has been setup to extract the client IP information from F5. Recently we integrated a cloud based WAF into our environment where they will be changing the client IP to their Proxy IP address before forwarding it to our F5. Since then F5 is only able to interpret the proxy IP address but not the original Client's IP address.
Upon talking to the Cloud WAF provider, I have been told they insert 2 IP headers while forwarding traffic to us, where one has all the IP information and second one have the client IP address only.
1) X-Forwarded-For : 220.127.116.11, 18.104.22.168(Proxy IP address), x.x.x.x(Proxy 2 IpP address) and so on
2) Incap-Client-IP: 22.214.171.124
Where as : 126.96.36.199 is the original Source IP address.
Can some able to assist on how can we configure F5 to interpret the value in the header "Incap-Client-IP" or read the First IP address in "X-Forwarded-For" header.
Thanks in advance.