Problem Insert Clien IP in HTTP Header

We have configured a HTTP Template for insert client IP in the Http Header, in the SLB VS configuration we have two apache server.

The HTTP working properly in the Apache1 but Apache2 recived the HTTP Header with two X-Forwarded-For  (IP Client and IP NAT)

This is the configuration:

A10PRO1-NEW-Active-vMaster[1/1][DMZ]#$ slb virtual-server ESSUPRWEB-VIP
slb virtual-server ESSUPRWEB-VIP
  description ESSUPRWEB-VIP Virtual Server
  port 443 https
     name _172.16.183.1_HTTPS_443
     source-nat pool NATCLIENTE_DMZ
     service-group ESSUPRWEB_HTTPS
     template http HTTP-POLICY
     template client-ssl test-disa-cliente
     template server-ssl test-disa-server
     aflex aflex_CLIENT_ACCEPTED
     aflex aflex_Apache_PRO
  port 80 http
     name _172.16.183.1_HTTP_80
     template http HTTP-POLICY
     aflex HTTP_Redirect

A10PRO1-NEW-Active-vMaster[1/1][DMZ]#show slb template http
slb template http HTTP-POLICY
  insert-client-ip X-Forwarded-For replace


Apache2# /usr/sbin/tcpdump -i ens224 -A -s 10240 '(((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)' | egrep --line-buffered "^........(GET |HTTP\/|POST |HEAD )|^[A-Za-z0-9-]+: " | sed -r 's/^........(GET |HTTP\/|POST |HEAD )/\n\1/g' | grep X-Forwarded-For

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens224, link-type EN10MB (Ethernet), capture size 10240 bytes
X-Forwarded-For: IPclient, SNat Load Balancer

Can u help me please



  • mdunnmdunn Member

    Hello - That is strange behavior, especially for only one server within the service-group. Can you also provide the aflex scripts? Perhaps one of those is influencing this.

  • The Aflex aflex_Apache_PRO is for match domain name url and redirect directory for the apache

    The aflex aflex_CLIENT_ACCEPTED

Sign In or Register to comment.