• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

x-forwarded-for

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Misc.] >> 3rd Party Add-ons >> x-forwarded-for Page: [1]
Login
Message << Older Topic   Newer Topic >>
x-forwarded-for - 24.Mar.2011 8:41:24 PM   
kbloke

 

Posts: 57
Joined: 17.Mar.2008
Status: offline
Hi All,

We have an issue now which we are thinking of removing the NLB on our ISA boxes and use our F5 as the Load balancer. The problem is we would still like the ISA to log the ip address of the client instead of the F5. We are currently looking into this filter for x-forwarded-for for ISA 2006. Is there any free add on for this ? Thanks.
Post #: 1
RE: x-forwarded-for - 25.Mar.2011 3:26:13 AM   
kbloke

 

Posts: 57
Joined: 17.Mar.2008
Status: offline
Hi,

I found this product http://www.winfrasoft.com/x-forwarded-for.htm. But is something which I need to buy. Just wondering anyone tested this product before? From what I read is able to log the client ip on the isalogs but is unable to use the client ip on the firewall rule. Is that true?

(in reply to kbloke)
Post #: 2
RE: x-forwarded-for - 26.Mar.2011 10:38:21 AM   
stevenhope

 

Posts: 19
Joined: 12.Sep.2005
From: UK
Status: offline
Hi kbloke

XFF4ISA will certainly do the logging job for you. Its used by large oil companies, ISPs and auditors all over the world to solve this very problem.

You are correct in your assessment that the firewall rules will not take into account the XFF header. The product works on the web proxy layer and not the firewall layer. It would be dangerous to may it work this way as XFF headers can be spoofed easily when they are from an untrusted source.

We also have a version of the product for TMG and IIS. Our IIS product includes 64bit support and IP trust lists to strengthen the security of web server logs - this isn't available in the F5 free filter.

Hope this helps.

_____________________________

Steven Hope
Winfrasoft
http://www.winfrasoft.com

(in reply to kbloke)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Misc.] >> 3rd Party Add-ons >> x-forwarded-for Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts