Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF changing public IP to local interface IP

Hello,

                We have setup WAF for our internal webserver hosting a site. We see that any public user IP accessing our site is being changed to the local interface ip going through the WAF. This changed local ip is seen in our webserver access logs.

There is no option to switch off NAT in WAF. Cyberoam has taken this as a bug, but is there a workaround to solve this issue.

Thanks

Pravash



This thread was automatically locked due to age.
  • You find the client IP address in the X-Forwarded-For header of all requests that WAF sends to your web server.
  • Thanks a lot ewadie!! We implemented the X-Forwarded-For header in our application and it was able to get the clientip. But somehow the X-Forwarded-For is not working in the apache webserver. Below are the options we tried and it didn't work in apache

    First trial:
    1. added "RemoteIPHeader X-Forwarded-For" to httpd.conf
    2. added %a instead of %h "LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined" in the httpd.conf file
    Second trial:
    1. added %{X-Forwarded-For}i instead of %h "LogFormat "%%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined" in the httpd.conf file.
    Thanks
    Pravash