When running Policy Server, one might be unable to log user ip address
in smaccess log in our non-prod environment. The ip captured in
REMOTE_ADDR is the LB ip instead of user ip which is being audited as
sm_client ip in smaccess logs currently.
X-forwarded-for and Client-ip headers are populated correct IP address
for user being authenticated. How one can force agent to use either of
X-forwarded-for or Client-ip to be used while auditing ?
Web Agent 12.52SP1CR11 on Apache 2.4.46 on RedHat 7
Setting the ACO parameter CustomIPHeader to X-forwarded-for should
solve this (1)(2).
You should not need to change ProxyDefinition and/or RequireClientIP
just to include the X-forwarded-for in smaccess.log. Just set
List of Agent Configuration Parameters
Default HTTP Headers Used by the Product