Forum Discussion

Nimbostratus

Feb 05, 2016

X-Forwarded-for with SSL Passthrough (no offloading on LTM)

Hi, Is there a way to get X-forwarded-for working with SSL passthrough (NO offloading)? I have some system owners who refuse to have any form of "man in the middle" sessions and require the...

Nimbostratus

Apr 12, 2018

Hello guys, Need some help.

It was confirmed we cannot use X-Forward-For for SSL pass-through VIPs, but If I add it, what will happen. is the VIP still works?? I mean if the traffic is not offloading on BIGIP, can it ignore optional XFF http profiles and continue to work as it works earlier??

By mistakenly today I have added XFF to one of our old VIP, which cause huge outage. Our backend (apache) was recieving invalid HTTP requests / invalid SSL handshakes and stalling as a result.

I'm little confused here as BIGIP cannot add/modify http headers, how can the backend servers get invalid SSL handshakes. anyone have any idea!!

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

X-Forwarded-for with SSL Passthrough (no offloading on LTM)

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Extracting X-Forwarded-For in Node.js

TCP Option 28 X-Forwarded-For Header

iRule for AFM IP Intelligence security policy to work with HTTP XFF (X-Forwarded-For) headers

X-Forwarded-For Log Filter for Windows Servers

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS