How do I enable the HTTP X-Forwarded-For header on a ProxySG?
search cancel

How do I enable the HTTP X-Forwarded-For header on a ProxySG?

book

Article ID: 166079

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG ProxySG Software - SGOS

Issue/Introduction

How do I enable/disable the HTTP X-Forwarded-For header on a ProxySG?

Environment

My web-based application needs the source IP address of my workstation, but the IP address of my ProxySG is showing up instead of my workstation's IP address.
The ProxySG's IP address is present at destination, but need the client workstation's IP address.

Resolution

Use the "X-Forwarded-For" command from the command line interface (CLI) in order to pass on the workstation's IP address, but the source IP address of the packet will contain the IP address of the ProxySG.  To enable the X-Forwarded-For http header, login to the CLI and do the following commands:

ProxySG>enable
Enable Password:
ProxySG#config t
Enter configuration commands, one per line.  End with CTRL-Z.
ProxySG#(config)http add-header x-forwarded-for
  ok
ProxySG#(config)exit
ProxySG#

Please note: in order to add the X-Forwarder-For header to HTTPS traffic, traffic must be SSL decrypted.

To disable or turn off the x-forwarded-for header, please do the following command from the CLI:

ProxySG>enable
Enable Password:
ProxySG#config t
Enter configuration commands, one per line.  End with CTRL-Z.
ProxySG#(config)http no add-header x-forwarded-for
  ok
ProxySG#(config)exit
ProxySG#

For more information regarding the X-Forwarded-For header, please see the Configuration and Management Guide (CMG).