Capture IP without using X-Forwarded For

kaushik.vivek · ‎12-17-2012

Hello Friends,

We are running a web-application that has a login on the very first page.

We want to capture the real IP addresses of all the customers that visit our application.

We have Cisco layer 3 Load balancer configured in a shared mode with Natting.

We are running IBM http server over Apache.

We proposed using "X-Forwarded For" header to capture client IP but were not allowed due to known vulneabilities associated with X-Forwarded for.

We want to capture client IPs for "http" and "https" without using "X-Fwd for".

Can someone kindly suggest if there is any alternate to it?

If yes then how to implement it?

rgadle · ‎12-20-2012

Hi Vivek, adding X forwarded method.to load balance policy. So that source ip address is added to HTTP header, is the only method. Unless the application itself does not request source ip add in the header. Which can be passed through the load balancer.

Sent from Cisco Technical Support Android App

Cesar Roque · ‎12-28-2012

Hi Vivek,

the problem with the x-fwd-for is the name of the header? What is the security risk?

---------------------
Cesar R
ANS Team

--------------------- Cesar R ANS Team

Capture IP without using X-Forwarded For

Intelligent Capture にて AP Stats Capture の Specific を選択できない

ISR1k/ISR4k: Smart Licensing Using Policy においての IP Base ライセンスについて

Hi, Packet Capture on IP

Wireshark以外でのpacket capture(Windows)

IP Traffic Export - Packet Capture