Forum Discussion
Pav_70755
Nimbostratus
NimbostratusI-rule to re-direct page back to source IP address?!
We have a site that is hosted through our F5 and it has a page which returns the users IP address so the source ip of the user accessing the site but the IP that is being returned is the floating IP of the Big IP.
Is there specific setting in the virtual server set up or does something need to specified in an i-rule for it to route back to the source IP and not the floating IP?
any help much appreciated!
Thanks
Pav
19 Replies
naladar_65658Altostratus
Hello Pav,
What you are seeing is the result of the BIG-IP being a proxy. Are you using SNAT Automap?
You might look into something called X-Fowarded-For:
http://devcentral.f5.com/weblogs/macvittie/archive/2008/06/02/3323.aspx
Pav_70755Yep I have SNAT set to automap.
The sites are hosted on IIS 6- naladar_65658http://devcentral.f5.com/weblogs/Joe/archive/2009/08/19/x_forwarded_for_log_filter_for_windows_servers.aspx
You might check that link out. :) - Pav_70755Thanks mate I downloaded that filter and set it up in IIS but no joy im still getting the floating IP returned.
Have you used it before and is there anything else I need to configure?
Thanks
Pav - naladar_65658Hello Pav,
You would also need to configure an HTTP profile with the X-Forwarded-For setting switched on. Then look in your IIS logs and you should see the clients IP's. Then see if that works for your application. - Pav_70755Thanks Naladar,
I've set up a new hottp profile with the X-Forwarded setting and upon checkign the logs on the individual web servers the source IP is now beeing displayed!
but the actual page on the site is still showing the floating IP but I guess this could be something for the developers to look into how and where its getting the IP from.
Thanks
Pav 
hoolioCirrostratus
Hi Pav,
It sounds like the application is reading the source IP from the packets as opposed to the HTTP X-Forwarded-For header. If it's possible to change that logic within the application, you could have the app modified to read the XFF header instead.
If you're using the XFF IP value for anything other than reporting, you might want to create a custom HTTP profile with the header to insert set to X-Forwarded-For: [IP::client_addr] and the header to erase set to X-Forwarded-For. This will ensure that any pre-existing XFF header values are erased before LTM inserts the client IP is sees in the header.
Aaron- Pav_70755Hi Aaron,
How do i configure the HTTP X-Forwarded in a new HTTP profile to see the source Ip from the packets as you have suggested.
Would this just need to be configured in a new HTTP profile?
Thanks
Pav - The_BhattmanHi Pav,
I believe Aaron is referring to a specific field within the HTTP Profile called "Request Header Erase" You can do this by configuring the HTTP profile's 'Request Header Erase' field and enter put in X-Forwarded-For while the "Request Header Insert" contains "X-Forwarded-For: [IP::client_addr]"
I hope this helps
Bhattman - Pav_70755Hi Bhattman thanks for your help:
I have configured the HTTP profile as follows:
Request Header Insert: X-Forwarded-For: [IP::client_addr]
Request Header Erase: X-Forwarded-For
Insert XForwarded For: Enabled
And its still returning the floating IP
Pav
