Avatar of drugstore
drugstore
Flag for United States of America asked on

F5 doesn't pass original IPs

All,
  Big IP 3600s working perfectly for dozens of servers and load balancing is going well.  But... the only IPs that show up in web server logging belong to the pair of F5s.  I would like the F5 to pass the original IP of our customers for many reasons, namely tracking who is hitting our services.

  The setup is fairly traditional- edge router to firewall to F5 to server.  I have spoken with F5 who pointed me to this setting:
Main | Local Traffic | Virtual Servers | Profiles | Insert X-Forwarded-For

  That setting was disabled; I enabled it, applied it, and no change resulted.

  I've looked high, low, and all over the F5 web site and will have to call them again, unless you have an idea...
SecurityNetwork ManagementNetwork Security

Avatar of undefined
Last Comment
drugstore

8/22/2022 - Mon
SOLUTION
giltjr

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
ASKER CERTIFIED SOLUTION
btan

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
drugstore

ASKER
Thank you experts!  I enabled the X-Forwarded-For setting which you can see in Wireshark with the nifty display filter "http.x_forwarded_for."  Then, in the Microsoft IIS web server section of the article referenced by breadtan (SOL4816), there is an IIS ISAPI filter update to IIS Advanced Logging that allows the original IPs to be logged and viewed.
Experts Exchange is like having an extremely knowledgeable team sitting and waiting for your call. Couldn't do my job half as well as I do without it!
James Murphy