Client IP address (Full Version)

All Forums >> [ISA Server 2000 General] >> Server Publishing


Guest -> Client IP address (22.Jul.2002 1:57:00 PM)

We have a webapplication that checks the clients IP address. We have no put it behind an ISA Server and the application does not see the clients ip address anymore, but the internal ip address of the ISA server. Is there a way to make the original Ip adress available again. I saw that also in the IIS serverlog all the requests seem to come from the internal IP address of the isa server.

Thanks for your help

mboczek -> RE: Client IP address (22.Jul.2002 3:17:00 PM)

Microsoft KBase had an entry on this (can't find the number right now - maybe they were ashamed of it and withdrew it). Their recommendation/workaround was to publish the IIS using server publishing instead of web publishing.

HOWEVER, most experts (here and at agree that this is NOT a good idea since it opens your IIS to more risk and reduces the filtering options.

eg. A recent post seemed to indicate code red and nimda blocked with entries in the ISA logs, on my system (web published using server publishing) these entries appear in my IIS logs (with thankfully 404 response).

I'm not sure that the benefit of being able to see the remote ip is worth the extra risk!

If you decide to go ahead;
1) disable external listening on port 80.
2) create HTTP server protocol (port 80 inbound)
3) disable web pub rule
4) create/enable server pub rule, point external ip to internal iis server ip.

Has anyone seen KB Q311777 which indicates an sp1 registry change to force forwarding of the external ip. Could it apply in this case?

I think I'm going to get crucified for this one [Embarrassed]

Jim Harrison -> RE: Client IP address (4.Aug.2002 5:18:00 PM)

Hi guys,

Q311777 is only for server publishing and produced the same results in the IIS logs as web publishing; client IP = ISA internal IP.

THe other option for server-published web sites is to install URLScan on the IIS server to replace the URL filtering that web publishing offers.

You can get URLScan here:;EN-US;Q307608&

Page: [1]