SSL Forward proxy and X-Forwarded-for

Question

Hello all
I followed the different articles to create a forward proxy and it works well for HTTP and HTTPS
I need now to add the X-forwarded-for field in queries to send IP client information to the next device
I modified for this the explicit proxy HTTP profile (of my VS proxy 8080) and it works for the HTTP traffic
I modified my http profile for VS HTTPS 0.0.0.0/0:443 and it works except that instead of having the IP address of the client, I have F5 SNAT IP
When I look at the IP :: client_addr or IP :: remote_addr variables, I see the SNATs of the F5 and not the IP address of my client. How to recover it?
Thanks for your help&nbsp;

stanislas_piro2 · Answer

you can write an irule like :
when HTTP_REQUEST {
    if {[HTTP::method] equals "CONNECT } {
        snat none
    }
}

then enable SNAT in  VS HTTPS 0.0.0.0/0:443

Forum Discussion

SSL Forward proxy and X-Forwarded-for

Recent Discussions

F5 Health Monitor Receive String as JSON

Background Tasks

Which process is consuming higher CPU

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

Extracting X-Forwarded-For in Node.js

TCP Option 28 X-Forwarded-For Header

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

X-Forwarded-For Log Filter for Windows Servers

X-Forwarded-For on L4 VS

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS