Preserve IP address with Reverse Proxy?
Moderator: Qbik Staff
4 posts
• Page 1 of 1
Preserve IP address with Reverse Proxy?
by itm » Aug 25 08 11:52 am
I've set up reverse proxies on Wingate v6.2, routing requests for specified hosts to an IIS server on the same machine. The IIS server contains a web site for each of these hosts. I've enabled IIS logging for each of these sites. The problem is that the IP address for each incoming request shows as 127.0.0.1 in the web logs, because the request has been passed via the reverse proxy. Is there any way that the reverse proxy can pass on the originating IP address to the IIS server?
- itm
- Posts: 2
- Joined: Aug 25 08 11:45 am
Re: Preserve IP address with Reverse Proxy?
by adrien » Aug 25 08 2:13 pm
Hi
I'm not sure what benefit you get from running WinGate as a reverse proxy in front of IIS on the same machine. Except maybe for being able to lock down IPs and times of day etc.
But anyway, since in reverse proxy operation, it's WinGate that makes the connection to the server, then the connection comes from WinGate's IP.
You can get WinGate to insert a X-Forwarded-For header with the real client IP if you enable "Add X-Forwarded-For header" on the Connection tab of the WWW proxy. However then scripts running on IIS will need to check this header to get the real client IP. Also in this case for LAN users surfing out through this proxy, their internal IPs will be published - you could avoid this by using a different WWW proxy (bound to different adapters - e.g internal vs external) for internal users.
Regards
Adrien
I'm not sure what benefit you get from running WinGate as a reverse proxy in front of IIS on the same machine. Except maybe for being able to lock down IPs and times of day etc.
But anyway, since in reverse proxy operation, it's WinGate that makes the connection to the server, then the connection comes from WinGate's IP.
You can get WinGate to insert a X-Forwarded-For header with the real client IP if you enable "Add X-Forwarded-For header" on the Connection tab of the WWW proxy. However then scripts running on IIS will need to check this header to get the real client IP. Also in this case for LAN users surfing out through this proxy, their internal IPs will be published - you could avoid this by using a different WWW proxy (bound to different adapters - e.g internal vs external) for internal users.
Regards
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
Re: Preserve IP address with Reverse Proxy?
by itm » Aug 25 08 10:51 pm
Thanks - I'll check this out.
The reason for running this in front of IIS on the same machine is that there are 2 URLs which need to be served by other servers on the LAN. If all sites were served from the same machine then yes the reverse proxy would be redundant. Unless there's a better way of doing this without the reverse proxy?
The reason for running this in front of IIS on the same machine is that there are 2 URLs which need to be served by other servers on the LAN. If all sites were served from the same machine then yes the reverse proxy would be redundant. Unless there's a better way of doing this without the reverse proxy?
- itm
- Posts: 2
- Joined: Aug 25 08 11:45 am
Re: Preserve IP address with Reverse Proxy?
by adrien » Aug 26 08 1:10 am
Hi
I can't think of a better way since you have other sites on other servers and you need to be able to split them out based on host header (i.e. which domains etc).
Unless you have another IP at your disposal, but probably not.
Regards
Adrien
I can't think of a better way since you have other sites on other servers and you need to be able to split them out based on host header (i.e. which domains etc).
Unless you have another IP at your disposal, but probably not.
Regards
Adrien
- adrien
- Qbik Staff
- Posts: 5448
- Joined: Sep 03 03 2:54 pm
- Location: Auckland
4 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 14 guests