AnsweredAssumed Answered

Whilst doing a SNAT on HTTP, can I insert an X-Forwarded-For header on Cloudguard?

Question asked by Nicholas Sheridan on Sep 23, 2018
Latest reply on Oct 14, 2018 by Nicholas Sheridan

Hi forum,

 

If I am running a load balancer or web proxy upstream from a web server, I tend as a matter of course to write in a X-Forwarded-For header onto the onward call to the server.

 

With horizontally scaling cloudguard, I need to do a SNAT to maintain the flow back through the forwarding gateway, which is fine, but I lose the original source IP address of the client on the internet.  This might mess with my analytics tools.   

 

Anyone done anything similar with cloudguard R80.10?  It'd be a good feature to write in a custom header - the receiving server can then parse this and write the true IP of the calling client into the log an make use of whatever analytics it might have.

 

Thanks!

Outcomes