Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SA as a reverse proxy

SOLVED
Go to solution
ravelord_
Not applicable
‎06-30-2011 07:49:AM
‎06-30-2011 07:49:AM

SA as a reverse proxy

Hello,

I use the SA as a reverse proxy for outside users that want to access internal web servers no authorization, configured as a Virtual hostname with the backend URLs.

In our logging I always coming from the IP of internal port of the SA. Is it possible to have the Juniper send an extra header with the real client IP as in most reverse proxies? (X-Forwarded-For_?)

Thanks!

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
zanyterp_
Respected Contributor
‎07-03-2011 12:23:AM
‎07-03-2011 12:23:AM

Re: SA as a reverse proxy

No, this cannot be done. The external user IP is not available internally.

You can *try* a header policy (users>resource policies>web>sso>headers/cookies) and set the value of sourceIP or x-forwarded-for (if you have something that sets that value)

View solution in original post

0 Kudos
3 REPLIES 3
zanyterp_
Respected Contributor
‎07-03-2011 12:23:AM
‎07-03-2011 12:23:AM

Re: SA as a reverse proxy

No, this cannot be done. The external user IP is not available internally.

You can *try* a header policy (users>resource policies>web>sso>headers/cookies) and set the value of sourceIP or x-forwarded-for (if you have something that sets that value)
0 Kudos
chris.gaukel_
Not applicable
‎08-18-2014 01:08:PM
‎08-18-2014 01:08:PM

Re: SA as a reverse proxy

I did try your advice.   

 

 

It was effective.   My application is able to read and consumer the session variable "x-forwarded-for" created using this method.

 

Thanks.

 

@zanyterp wrote:
No, this cannot be done. The external user IP is not available internally.

You can *try* a header policy (users>resource policies>web>sso>headers/cookies) and set the value of sourceIP or x-forwarded-for (if you have something that sets that value)

 

 

0 Kudos
zanyterp_
Respected Contributor
‎09-07-2014 07:57:PM
‎09-07-2014 07:57:PM

Re: SA as a reverse proxy

You are welcome; glad it worked
0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.