Hello,
I've done some searching on here and many posts I find are 5-10 years old and/or the original poster never came back to confirm whatever was suggested fixed their issue or not. And, for reasons beyond me, these threads are locked so you cannot even chime in to ask if what they did fixed it or not, so here I am.
We just set up WAF and now client IPs are all showing the IP of the Sophos Firewall. How can we preserve or retain the original client IP? We have a few scenarios where something on our web app is revealed to them based on their IP, but now all traffic is showing coming from the LAN IP of the Sophos.
I found one suggestion to make sure "Pass host header" is checked, and other suggestions to use X-Forwarded-For in IIS. Does anyone know what exactly needs to be done? I'm asking here before I simply click the Pass host Header checkbox and/or do the X-Forwarded-For thing, to get some feedback first.
Thanks!
This thread was automatically locked due to age.
