How do I enable/disable the HTTP X-Forwarded-For header on an Edge SWG (ProxySG)?
My web-based application needs the source IP address of my workstation, but the IP address of my Edge SWG (ProxySG) is showing up instead of my workstation's IP address.
The Edge SWG (ProxySG) IP address is present at destination, but need the client workstation's IP address.
Use the "X-Forwarded-For" command from the command line interface (CLI) in order to pass on the workstation's IP address, but the source IP address of the packet will contain the IP address of the Edge SWG (ProxySG). To enable the X-Forwarded-For http header, login to the CLI and do the following commands:
ProxySG>enable
Enable Password:
ProxySG#config t
Enter configuration commands, one per line. End with CTRL-Z.
ProxySG#(config)http add-header x-forwarded-for
ok
ProxySG#(config)exit
ProxySG#
Please note: in order to add the X-Forwarder-For header to HTTPS traffic, traffic must be SSL decrypted.
To disable or turn off the x-forwarded-for header, please do the following command from the CLI:
ProxySG>enable
Enable Password:
ProxySG#config t
Enter configuration commands, one per line. End with CTRL-Z.
ProxySG#(config)http no add-header x-forwarded-for
ok
ProxySG#(config)exit
ProxySG#
For more information regarding the X-Forwarded-For header, please see the Configuration and Management Guide (CMG).