Forum Discussion
NimbostratusiRule to get client internal IP (LAN)
Hi all,
I working with F5 (BIGIP 11.6). I looking for a way to get on the server side in my logs the internal IP of the client. We have internal system with 300 users (CRM) and they work with servers that configured on F5. Sometimes users report that they have problem with the platform and i want to debug it on the server side, however all I see is the external IP (make sense..), so I cannot debug it, is there a way to get the INTERNAL IP of the client? something like the x-forwarder-for?
12 Replies
Robert_Luechte2Cirrus
The x-forwarded-for header is what you are lookging for and can be applied via the HTTP profile. It will provide the client IP address in the HTTP header.
Vova_1985_18320Yes, but x-forwarded-for gives me the PUBLIC IP, and im looking for a way to get the INTERNAL IP (192.168.10.x)
- Robert_Luechte2Ah, I see your dilemma now. I was thinking these were your internal clients. I think that for this to be possible, the client would have to provide the x-forwarded-for header, or some other x- header.
- Vova_1985_18320
This isn't my strong side, so im not sure even if its possible, but our F5 integrator said that it is possible with iRule...
- Robert_Luechte2
If the info is not in the header, I don't know how you could do this, short of creating and inserting some small Javascript that requests the IP address.
- Vova_1985_18320
I found out that this iRule actually gives the required information: when HTTP_RESPONSE { HTTP::header insert X-Internal [IP::client_addr] }
However im not sure its a standard header field, and now my question is, can i replace x-forwarder-for by this field? I mean when i get to the server the x-forwarder-for field instead of see my public IP the iRule will replace it to Internal IP and i will get x-forwarder-for: 192.168.10.1?
- Robert_Luechte2I'm not certain what you are doing with that iRule. [IP::client_addr] would return the client IP which would be the public IP address. And then you are inserting that IP address in a header going back to the client (since it's HTTP_RESPONSE event)? Enabling x-forwarded-for in the HTTP profile will use the [IP::client_addr] value for that header. But you said that is providing the Public IP of the client, which makes sense since they are external customers.
- Vova_1985_18320Yeah.. you right. I just created new VS and made all test there, but it was over VPN that why i saw my internal IP (ooopps) so im back to the start now.
kunjanIs it that internal users access F5 thru internet proxy and hit the public IP address of the F5? Then probably you are seeing proxy public IP.
- Vova_1985_18320
The office with the users in one country that goes to internet -> CDN -> then to LB that located in another country.
- kunjan
That explains why you are seeing Public IP for those users. It could be the CDN IP you are seeing in the logs. So by itself F5 cannot identify the client IP.
- Vova_1985_18320
No, I see my PUBLIC IP of my office, on CDN i have configuration to pass the original IP of the client.
