Help
FortiProxy
FortiProxy provides enterprise-class protection against internet-borne threats and Advanced Web Content Caching
xshkurti
Staff
Staff

Created on ‎09-25-2024 03:48 AM

Article Id 344130

Technical Tip: How to view/log actual client IP on FortiProxy FortiView when traffic is received from another proxy with X-fowarded-for enabled

Description This article describes how to view real client IP on FortiProxy when user is hidden behind another proxy device with x-forwarded HTTP headers configured to send ClientIP inside HTTP headers
Scope FortiProxy 7.0+
Solution

The solution below is designed to help find real clientip that is hidden from another proxy that is forwarding clientip inside http headers.

 

A simple network diagram is represented below:


Proxy-ClientIP.png

 

To view the Real IP of the client which is located inside HTTP headers, navigate to Log & Report -> Http Transaction Log:

 

                                          Proxy-Log.png

 

In the main view, select Configure Table. By default, it is not visible but can be activated by hovering the mouse on top of it.

Proxy-Table.png

 

Select Client IP from the column options and apply the change:

 

Proxy-final.png

 

After this change, the Client IP Column will be visible, and all IPs will be listed here.

 

Related articles: 
Logging client IP for forward traffic and HTTP transaction | FortiProxy 7.4.5 | Fortinet Document Li...

Types of logs | FortiProxy 7.4.5 | Fortinet Document Library
203
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.