Forum Discussion

draco
May 10, 2017

SMTP server-real ip with snat

Dear All

 

I have a query. We are trying to load balance an SMTP server and will be doing SNAT. We need to see the real IP. So if we are using the SMTP profile, we wouldn't be able to get the real IP, right? Unless we remove SNAT and change the gateway, which can't be done in our setup. So can we try using port 25 with a TCP profile and an HTTP profile and try using X-Forwarded-For? What would be the difference between using the SMTP profile specifically and using an HTTP profile instead?

 

10 Replies

  • Unfortunately SMTP doesn't support the XFF header in the same sense as HTTP does. You could try and do something fancy with the TCP payload, but ultimately it's probably easier to move the gateway for the network and remove SNAT.

    Can I ask why you're unable to move the gateway?

     

    • Ryan_80361

      Heya,

       

      I had a look through that thread and it seems to suggest the same thing (that you need to move the gateway). I think the OP got confused about inserting the client IP as opposed to logging it. Sorry bro.

       

    • draco

      Hey Ryan

       

      But he is saying these steps as well

       

      Updated 23-Jan-2007 • Originally posted on 23-Jan-2007 by Brian DeKemper

      Thanks for the info. I went to the link you provided and for IIS, it gave me the following steps, but I'm still not getting the source IP passed to the webserver. Any ideas?

       

      1: Enable X-Forwarded-For

      (I was able to 'enable' the Insert Xforward For in the HTTP profile that I use)

      To configure the BIG-IP system to insert the original client IP address in an X-Forwarded-For header, perform the following procedure:

      Log in to the BIG-IP Configuration utility.

      Click Local Traffic.

      Click Profiles.

      Click HTTP from the Services drop-down menu.

      Click the Create button.

      Type a name for the HTTP profile.

      Check the checkbox next to Insert XForwarded For.

      A drop-down menu appears.

      Select Enabled from the drop-down menu.

      Click Finished.

       

      2: Download the ISAPI Filter and install on IIS webserver

      (I was able to download this and I am using the ISAPI filter in the top-level 'RELEASE' folder when I add it to my IIS website. Let me know if I need to use a different ISAPI filter for my Windows 2003, 32-Bit webserver.)

       

      You can configure the IIS web server to extract the IP address from the X-Forwarded-For header and log the IP address to the web server log file. To do so, you will need to download and install the IIS X-Forwarded-For ISAPI Log Filter from https://cdn.f5.com/websites/devcentral.f5.com/downloads/F5XForwardedFor.zip.


      The IIS ISAPI filter will look for the X-Forwarded-For header in the HTTP request. If the IIS ISAPI filter finds an X-Forwarded-For header in the HTTP request, it will replace the client IP address in the W3SVC log traces with the value of the X-Forwarded-For header.

      To download and install the IIS X-Forwarded-For ISAPI Log Filter, perform the following procedure:

      Log on to http://devcentral.f5.com.

      Select iControl Code Share from the Downloads menu.

      Download the IIS Proxy X-Forwarded-For Log Filter.

      To install the ISAPI filter, add it to your IIS Web Site using the IIS administrative utility.

       

      3: Configure iRule

      (the IP wasn't showing up in my IIS logs after the first two steps above, so I also set up this iRule for my virtual servers)

       

      iRule

      To configure the BIG-IP system to insert the original client IP address in a header using an iRule, perform the following procedure:

      Log in to the BIG-IP Configuration utility.

      Click Local Traffic.

      Click iRules.

      Click the Create button.

      Type a name in the Name field.

      Copy and paste the following iRule in the Definition field:

       

      when HTTP_REQUEST {
          # Add the client address, as seen by the BIG-IP, as a request header
          HTTP::header insert ORIG_CLIENT_IP [IP::remote_addr]
      }

       

      Is this possible?
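
Added example (not part of any post in this thread, and not F5's or the ISAPI filter's code): a sketch of the decision a pool member makes when choosing which address to log, showing why the header approach works for HTTP but leaves an SMTP server with only the SNAT address. The function names, `SNAT_ADDRS` and all sample bytes are constructed for illustration, and the code assumes the load balancer's header value is the last one in the request.

```python
import ipaddress

# Constructed values for illustration; none come from the thread.
SNAT_ADDRS = {"10.0.0.5"}  # assumed address the pool members see as TCP peer
METHODS = {"GET", "POST", "HEAD", "PUT", "DELETE", "OPTIONS", "PATCH"}
SPOOFED_HTTP = (b"GET / HTTP/1.1\r\nHost: www.example.com\r\n"
                b"X-Forwarded-For: 192.0.2.66\r\n"    # sent by the client itself
                b"X-Forwarded-For: 203.0.113.7\r\n\r\n")  # added by the proxy
SMTP_OPENING = b"EHLO mail.example.org\r\n"


def parse_http_headers(raw):
    """Return [(name, value)] if raw starts with an HTTP request line, else None."""
    lines = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3 or parts[0] not in METHODS or not parts[2].startswith("HTTP/"):
        return None  # e.g. an SMTP command: no header block to carry an address
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip().lower(), value.strip()))
    return headers


def valid_ip(text):
    try:
        return str(ipaddress.ip_address(text))
    except ValueError:
        return None


def logged_client_ip(peer_ip, raw):
    """Address a pool member should log for this connection."""
    headers = parse_http_headers(raw)
    if headers is None or peer_ip not in SNAT_ADDRS:
        return peer_ip  # not HTTP, or not via the load balancer: trust only the peer
    # Assumption: the proxy's value is the last entry of the last matching header;
    # earlier entries may have been supplied by the client.
    for wanted in ("x-forwarded-for", "orig_client_ip"):
        values = [v for n, v in headers if n == wanted]
        ip = valid_ip(values[-1].split(",")[-1].strip()) if values else None
        if ip:
            return ip
    return peer_ip
```

With SNAT in place, `logged_client_ip("10.0.0.5", SMTP_OPENING)` can only return the SNAT address, while the HTTP request yields the proxy-supplied value and ignores the entry the client sent.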

       
