Issue with value of X-Forwrded-For header + Incapsula

Question

One of our application has X-FORWARDED-FOR enabled and spoofing protection is enabled as well. The application use Incapsula Web Application Firewall for internet traffic, it accepts traffic from client and forwards to F5. The app team can only see Incapsula IP address instead of client IP addresses. Is there a way where F5 can retain client IP addresses provided by Incapsula so that they can see client IP's instead on Incapsula IP.&nbsp;
Our X-FORWARDED-FOR profile is configured this way
Request Header Erase : X-FORWARDED-FOR
Request Header Insert : X-FORWARDED-FOR:[IP::client_addr]&nbsp;

jg · Answer

Please see "https://devcentral.f5.com/questions/asm-dos-protection-and-trust-xff-header".&nbsp;

jstauffacher_11 · Answer

Try pulling the IP out of the 'Incap-Client-IP' Header. Incapsula puts it in both (for some reason). &nbsp;

Forum Discussion

Issue with value of X-Forwrded-For header + Incapsula

2 Replies

Recent Discussions

google-visualization-issues

The best load balance method on this scenario?

SMS server with BIGIP

Geo Fence in ASM through irule for URI

Client certificate Authentication - open multiple tabs

Related Content

Re: F5 XC Distributed Cloud HTTP Header manipulations and matching of the client ip/user HTTP header

Security headers

F5 Distributed Cloud - Service Policy - Header Matching Logic & Processing

iRule to modify a content-security-policy header

Log Http Headers