IIS7 IP Restriction via Load Balancer
Posted on 2016-09-08
I have been spending far too much time trying to work this out. I would like to IP restrict certain IP addresses from gaining access to the web server, however this is not possible because the traffic comes through a load balancer (ZEN). So I attempted to use Dynamic IP Restriction Proxy Mode however I add the ZEN Load Balancer IP address to the allowed list, by doing this it allows all traffic from the load balancer regardless.
I have also enabled X-FORWARDED-FOR header form the load balancer which I have identified in the logs using advance logging within IIS and I can see the external IP address.
So I need to pick this X-FORWARDED-FOR IP address and make a rule that if IP address xx.xx.xx.xx then deny/allow.
I have seen many advice on this using Rewrite module but I have failed and need help on this.