Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
wasfi
New Contributor

How does the Fortigate firewall deal with an XFF header inserted

Hi; I would like to have Fortigate insert an X-Forwarded-For header by using the "Preserve Client IP" option available with a load balancing virtual server. My question is: If there is an upstream device that inserted the XFF header before the Fortigate, does the fortigate add a second value to the first. So:

 

X-Forwarded-For: value1 inserted by upstream device, value2 inserted by Fortigate

 

Or does it add a second occurance of the XFF header, like:

 

X-Forwarded-For: value1 by upstream device

X-Forwarded-For: value2 by Fortigate Kindly Wasfi

1 REPLY 1
emnoc
Esteemed Contributor III

I believe it's appends to the existing XFF not add 2 XFF headers. if you add 2 XFF headers line I seen strage things where only the last one is picked up or something like that.

 

So it  should looked like "X-Forwarded-For: x.x.x.x, y.y.y.y"

 

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Top Kudoed Authors