This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Thammarit
Explorer
‎2023-12-07 02:49 AM

How to enable "X-Forwarded-For" for traffics forwarded from Imperva Cloud WAF on CheckPoint firewall

Hi everyone,

I'm looking for help to guide the customer configuring Checkpoint firewall to properly handle "X-Forwarded-For" headers for traffic forwarded from Imperva Cloud WAF. My goal is to ensure accurate client IP logging and visibility into the origin of incoming requests.

Current Setup:

  • Firewall: Checkpoint Firewall
  • WAF: Imperva Cloud WAF

Desired Outcome:

  • "X-Forwarded-For" header containing the original client IP is correctly forwarded by Imperva WAF and received by the Checkpoint firewall.
  • Client IP information is accurately logged in the Checkpoint firewall logs for analysis.

Questions:

  1. What specific configuration changes are needed on the Checkpoint firewall to enable "X-Forwarded-For" for Imperva Cloud WAF traffic?

Any guidance or insights from experienced users would be greatly appreciated.

0 Kudos
1 Reply
PhoneBoy
Admin
Admin
‎2023-12-14 12:54 PM

In order for the gateway to even see the XFF header, you'll need to have App Control and HTTPS Inspection enabled.
The rule the traffic matches might need to include actions that require App Control (including the use of "Detailed" or "Extended" logging).

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events