Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner

Website does not load after using X-Forwarded-For HTTP header



I need to see the client real IP to one of my publicly available website, to do that, i enabled the X-Forwarded-For under http profile (client) after that the website did not come up, i tried to use below iRule as well but that one needs to have http profile attached to VIP, so when i attached the http profile the website won't come online, I was wondering if you could help me. one note : the SSL is terminated on the backend server NOT F5.

The error which I am getting


Secure Connection Failed


An error occurred during a connection to PR_END_OF_FILE_ERROR


   The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.

   Please contact the website owners to inform them of this problem.



The iRule


HTTP::header insert X-Forwarded-For [IP::remote_addr]






Hi ,


you say that SSL is terminated on the backend and not on the F5. Therefore the BIG-IP cannot insert any HTTP headers.


Please see K4816: Using the X-Forwarded-For HTTP header to preserve the original client IP address for traffic ...

Quoting from there:

"Note: You can insert HTTP headers in HTTPS traffic only if the client connects to a BIG-IP virtual server configured with a Client SSL profile. When the BIG-IP system terminates the SSL connection, it has access to the unencrypted HTTP data."


You can only insert a X-Forwarded-For header once you make your virtual server capable of performing SSL decryption/encryption. For details see: K12015: Configuration requirements for SSL virtual servers, profiles, pools, and monitors.