Forum Discussion

Nimbostratus

Nov 09, 2017

X-Forward without a http profile?

I have a VIP that does SSL pass-trough (F5 doesn't offload any SSL_, so I can't use a http profile but I would like to have X-Froward enabled. Is there a way to accomplish that? Thx, V...

Cirrostratus

Nov 09, 2017

Hello Vedran,

You can't add the XFF without HTTP profile.

Also if you don't terminate the SSL on the F5, the system cannot manage headers since the full headers and body are encrypted.

If you want to add the XFF you should at least make SSL Bridging.

Which means that you will have an SSL tunnel btw the client and the F5 and another one btw the F5 and the backend server.

Regards

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

X-Forward without a http profile?

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

iRule for AFM IP Intelligence security policy to work with HTTP XFF (X-Forwarded-For) headers

X-Forwarded-For HTTP Module For IIS7, Source Included!

Log X Forwarded For Http Header In Iis Dll

Update your DevCentral user profile

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS