Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

  Description If you have a Proxy in front of the BIG-IP and all the client IP are source Natted, You can still restrict access to the Virtual if the client IP address is inserted by the pr...
Published Mar 14, 2023
Version 1.0
security

Was this article helpful?

Nikoolayy1's avatar
Nikoolayy1
Icon for MVP rankMVP
Mar 16, 2023

What about if the X-Forwarder-For has multiple IP addresses as there were several proxy devices that added an IP address to the header with "," for example "1.1.1.1, 2.2.2.2"? How can you match on the first IP address in the XFF header?