This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

webserver protection dows not preserve client IP

I have a problem with the webserver protection.
The webserver behind the UTM loggs the IP Address of the internal UTM port and not the IP of the client.
I have enabled 'Pass Host Header' in the advanced section.
Type: Encrypted & redirect
Webserver: HTTP
Firewall Profile: No Profile
the client communicates nicely with HTTPS. The webserver runs HTTP

This thread was automatically locked due to age.

0 Scott_Klassen over 9 years ago

Allergic to searching, eh? This has been covered many times before. Your webserver needs to look at the x-forwarded-for header.

See https://community.sophos.com/products/unified-threat-management/astaroorg/f/57/t/50305 and others linked from there.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel
0 patrumau over 8 years ago in reply to Scott_Klassen

This is NOT a solution.

I have to publish 3 exchange server front-end in NLB. NLB affinity use the CLIENT IP to balance http requests. So If I use the reverse proxy and I cannot pass the client IP to the web servers (at layer 3 level, not layer 7!!!) all connections goes to only one web server.

ISA server / TMG has the option "connections appears to come from the client IP" to accomplish this.
Cancel
Vote Up 0 Vote Down

Cancel
0 BAlfson over 8 years ago in reply to patrumau

Why not let the UTM do the load balancing?

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel