Forum Discussion

Reddy1's avatar
Icon for Altostratus rankAltostratus
May 07, 2012

Xfarworder profile




I have my backend web servers (https) pool associated to the VS listening on port 443. THe scenario is Vs, pool are from the same subnet. I have IIS server configured to log the client IP who accessed the VS.



The issue is when i look at the logs i see that the client address is same for all the connectiions. The reason being is i have SNAT applied on the VS.



The default gateway of the Backend servers is pointing to a router.If i remove the SNAT in order to let the IIS log teh client IP's, the users will fail to access the servers through Vs , as the reverse traffic take a different path. For some reason i cant change the default gateway of the servers.



Does applying enabling a Xfarworder on an http profile will sort out the issue?



i do heard that we cannot apply an x farwarder for https....



How will the traffic flow even the clients are from the same subnet?



I would be really thankfull if i get some solution....





Sheshank Reddy

1 Reply

  • For logging, you can install a DLL which logs the XFF header value. If you have an application which is reading the client IP from the IP header, you can use an ARR helper. Either option requires that LTM parse the HTTP headers. This requires a client SSL profile for HTTPS.



    See this post for details on both: