Hi,
I have an HA Proxy instance setup on 2 virtual servers.
I have setup a Virtual IP as the frontend that recieves incoming requests on port 8080 and forwards them to 2 separate backend proxy servers on the same port.
the setup is working however when I try to access it, it shows me the IP address of the proxy server instead of the client machine IP, in the page source of the client machine.
I need to ensure that the client IP is displayed correctly in the page source of the client PC .
Any help will be appreciated.
Thanks in advance.
Hi,
Can anyone help me out over here?
FWIW, I tried using the source 0.0.0.0 usersrc clientip parameter in a bid to resolve this issue.
I also tried using option forwardfor except 127.0.0.1 in the frontend section and option forwardfor header X-client parameter in the backend section of the file, but this does not work.
I can share the configuration if required.
You also need to configure your backend server to consider the X-forward-for header.
Thank you for your response.
Please forgive me as I am a newbie to HA proxy.
This is the configuration file for HA Proxy.
global
log /dev/log local0 info
log /dev/log local1 notice
maxconn 30000
defaults
mode http
log global
option dontlognull
timeout connect 10000
timeout client 45000
timeout server 240000
maxconn 50000
option forwardfor except 127.0.0.1
frontend web-proxy
bind 10.250.4.91:8080 transparent
mode http
http-request set-header X-Real-IP %[src]
option forwardfor
option httplog
timeout client 15s
default_backend proxyservers
backend proxyservers
mode http
balance roundrobin
http-request set-header X-Real-IP %[src]
option forwardfor
timeout server 30s
timeout connect 4s
server PROXY-1 10.250.4.11:8080 check fall 2 inter 10000 rise 2
server PROXY-2 10.250.4.78:8080 check fall 2 inter 10000 rise 2
listen status 10.250.4.88:8081
mode http
stats enable
stats uri /hastatus
stats auth admin:123456
In your post , you mentioned that I will need to configure my backend server to consider the X-forward for header.
Where do I need to insert this parameter?
Do I need to install HA proxy on these servers as well?
No, you need to configure the webserver on your backend to consider the X-Forwarded-For header. How this can be achieved, if possible at all and what the configuration would look like depends on what the backend server software this actually is.
Once again thank you for you prompt response.
The backend servers are essentially proxy servers which run Websense.
Your reply indicates that I will have to ask forcepoint to help me find out how to consider the X-Forwarded-for header in this case.
Hi,
In your previous post, you had mentioned that I will need to configure the webserver on my backend to consider the X forwarded for header.
The backend servers over here run websense by forcepoint.
Can you let us know how to configure websense to consider the X Forwarded for header?
Alternatively, can you please let us redirect us to a link that shows us how this can be achieved?
I don’t have that information. I suggest you contact the vendor.
Sorry if this sounds like a stupid question.
By vendor, do you mean websense/forcepoint?