For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Muhannad's avatar
Muhannad
Icon for Cirrus rankCirrus
Mar 04, 2020

F5 SSL Pass-through with Xforward.

Dear Experts,   I have a requirment to configure a virtual server that do support SSL passthrough proxy (Which has been configured and working fine) but i need to inject the xforward value in the...
application delivery
LTM
Muhannad's avatar
Muhannad
Icon for Cirrus rankCirrus
Mar 07, 2020

Dear Steve,

 

Thanks for your response.

 

I have enabled Proxy SSL in the SSL profile and then Enabled the X-Forwarded-For in the HTTP profile but this didnt insert the client IP in the HTTP header.

 

My setup as follows : Client request SSL---->LTM (doing the SSL Proxy) --> F5 WAF---> Server

 

I have configured SSL client side and SSL server Side with SSL proxy enabled in both profiles in the LTM, HTTP profile with X-Forward has been added as well but in the WAF events i am still unable to see the original client IP.

 

do i have any workarounds or this will not work as Lidev said A Virtual Server configured with SSL pass-trough prevents F5 BIG-IP from using application-layer features.

 

Regards,

Muhannad