Adding the X-Forwarded-For header via the KEMP LoadMaster

The X-Forwarded-For (XFF) HTTP header field is a standard method for identifying the originating IP address of a client connecting to a server through the KEMP LoadMaster or any proxy.

The KEMP LoadMaster allows us to give the client's IP to the destination Real Server by inserting an additional HTTP header (called X-Forwarded-For) when L7 is used with non-transparency.

This option of inserting the HTTP header (called X-Forwarded-For) allows the client source IP address to be logged by the Real Server's IIS logs.

Adding the X-Forwarded-For via the LoadMaster can be done either as a global setting or as a per-Virtual Service setting. Refer to the relevant section below for steps on how to add the header.

 

Global Setting

In the main menu of the LoadMaster Web User Interface (WUI), select System Configuration > Miscellaneous Options >  L7 Configuration and select X-Forwarded-For in the Additional L7 Header drop-down list. 

 

Per-Virtual Service Setting 

To add the X-Forwarded-For header via the LoadMaster per-Virtual Service, follow the steps below:

  1. In the main menu of the LoadMaster WUI, select Virtual Services > View/Modify Services.
  2. Click Modify on the relevant Virtual Service.
  3. Expand the Advanced Properties section.
  4. Add HTTP Headers > Select either"X-Forwarded-For (No Via) or X-Forwarded-For (Via)." option 

 

Was this article helpful?

0 out of 0 found this helpful

Comments

Avatar
ribeiroam

This does not appear to be accurate for version 7.2.36.2.14271.RELEASE. The Per-Virtual Service Settings are different.

Avatar
Andres Garcia de Alba

Hello,
It is possible that your virtual service is on 443 and is not configured for SSL Acceleration?

If SSL Acceleration is not enabled, then the LM cannot decrypt the connection for the purpose of injecting the XFF header.

Thank you.

Avatar
support

Hi,

We are using LoadMaster version 7.1.35.3.14894.RELEASE (AZURE).

I cannot see the dropdown box "Add HTTP Headers", either for HTTP or HTTPS.

Can the X-Forwarded-For header be enabled on this version of the LoadMaster?. If not, what options are there?

Thanks

Avatar
Andres Garcia de Alba

Hi,
X-Forwarded-For header is available on that version. Are you configured for SSL Acceleration?

Avatar
support

SSL Acceleration is disabled for HTTP virtual service and enabled for HTTPS virtual service. Neither of them has the dropdown box labeled "Add HTTP Headers".

Edited by support
Avatar
Andres Garcia de Alba

Hello,
I see that you are already working with our support team.
I'm confident that they will be able to figure this out.

Avatar
support

Thanks Andres, for your help. I will post here the resolution to help others.