Hello,
Im trying to figure out if I am able to see if X-Forwarded-for header is being really forwarded to destination server.
I did try those debug commands:
diagnose debug reset
diagnose debug timestamp enable
diagnose debug flow filter server-ip 10.144.155.10
diagnose debug flow filter flow-detail 7
diagnose debug flow filter session-detail
diagnose debug flow filter http-detail 7
diagnose debug flow filter module-detail module x-forworded-for # also did try ALL
diagnose debug flow filter module-detail status on
diagnose debug flow trace start
diagnose debug enable
I didnt get any results that would show me that such header was passed. Is it possible? Service is using SSL - so packet capture wont show me encrypted data.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Debug log in developer console will only show the current running user. You can set the debug level to the user running the apex job. The logs can also be downloaded from the setup app, but it's pretty useless way to debug. Generally speaking if I have a problem in prod, I refresh my partial sandbox and recreate it there so I have access to everything there https://speedtest.vet/ .
Hi Roman
I didn't try to show it in debug log before but you may check if it is well configured as follows:
This should forward the header to the back-end server.
Hi AEK,
thx for answer - of course X-Forwarded-for is working, but I just wanna have a proof from WAF that it was actually forwarded. :) Otherwise I must rely on the other side.
Did you try packet capture (menu Network > Packet Capture)?
Otherwise I'd also see if I can check it from server side;
Otherwise I'd temporarily disable SSL (if not in prod) between FWB and back-end server to see the clear traffic.
Created on 03-21-2024 04:08 AM Edited on 03-21-2024 04:10 AM
Yeap I did try. Sure thats one of solution it showed me already. But i was hoping that maybe, I could see it in the debug logs directly without disabling ssl or decryption traffic. :)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1666 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.