FortiWeb Azure HA Client Public IP

fakrulalam · ‎07-29-2019

Hi,

I have deployed FortiWeb in HA mode using the following template:

https://github.com/fortinetsolutions/Azure-Templates/tree/master/FortiWeb/FortiWeb-VariableHA-2-NIC

It's working all fine except in web server logs it's showing ForitWeb internal IP, not Client Public IP. I have tried enabling the option from Server Policy, but after enabling that I can't connect to the WebServer. Is the issue related to Azure Load Balancer which is doing the NAT? Wondering anyone deployed FortiWeb in Azure and can share something.

Thanks

Deepak_Girimaji_FTNT · ‎07-29-2019

Hi,

If you are enabling the client real IP option in the server policy, then you need to set FortiWeb as the default gateway on the backend server. Instead, you could configure FortiWeb to include X‑Forwarded-For in the HTTP header before traffic is generated to the backend server. for more information and configuration, please refer the following link:

https://help.fortinet.com/fweb/610/index.htm#FortiWeb/fortiweb-admin/define_proxies_clients.htm?High...

The backend server needs to be configured to read the content in X-forwarded-for header for logging.

I hope this helps.

Regards,

Deepak

Best regards,
Deepak G N R
ETAC Manager
EMEA FortiWeb/ADC/WAN/DDoS/Isolator Team

Nikhil_Chaudhari · ‎08-01-2019

Hi,

Pls enable X-Forwarded For on server side and also enable on WAF end you will get Real IP in server logs.

Thanks.

Nikhil Chaudhari

FortiWeb Azure HA Client Public IP

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website