1. Did you Create a new Web Access Layer ? if no, you have to, to ensure a pit. 2. Do you see a match in the Policy Trace for the policy you created to suppress the XFF ?, if no then adjust the policy. once you have the above covered and the answer is Yes for both, then in the pcap for the school term between proxy and the OCS ( URL you are trying to suppress the XFF ) the request should not contain the XFF header. I would test this policy with an HTTP web site like example.com to ensure you have a peer, cause if you are applying this policy for an HTTPS locate you wont see the results in the pcap as those will be encrypted.

Sent: 06-29-2020 02:04 PM
From: sulman mushaq
Subject: Disable HTTP X-Forwarded-For header on ProxySG for one URL

Hi Slava, thanks for the reply.

I havent created a new WAL for this, instead I have added these two rules in the same WAL which I have for my users. Does these two rules must be in a separate WAL?

I have enabled SSL interception for all destinations, so proxysg will decrypt all the traffic. Still I won’t see the result in the pcap?

Thanks.

——————————
Symantec Enthusiast

Original Message:
Sent: 06-29-2020 12:07 PM
From: Slava Vasilasco
Subject: Disable HTTP X-Forwarded-For header on ProxySG for one URL

Hello SymSpec,

1. Did you Create a new Web Access Layer ? if no, you have to to ensure a match.
2. Do you see a match in the Policy Trace for the policy you created to suppress the XFF?, if no the adjust it.

Once you have the above covered and the answer is Yes for both, then in the pcap for the session between proxy and the OCS( URL you are trying to suppress the XFF) the request should not contain the XFF header.
I would test this policy with an HTTP web site like example.com to ensure you have a match, cause if you are applying this policy for an HTTPS site you wont see the results in the pcap as those will be encrypted.

Slava V
Original Message:
Sent: 06-29-2020 11:32 AM
From: sulman mushaq
Subject: Disable HTTP X-Forwarded-For header on ProxySG for one URL

Hi Slava, thanks for the reply. Basically I have created a 2 rules in the same WAL, the first URL is accessing this specific URL to any source, the second rule below this rule is suppressing the X Forwarded-For header as described in the KB and screenshot by you. Isn’t this right?

Secondly, can I take a packet capture on Proxy which will basically show that proxysg is suppressing the header for this destination in the transaction, if yes then which field will show this in wire-shark that I need to see. Thanks

——————————
Symantec Enthusiast

Original Message:
Sent: 06-29-2020 11:14 AM
From: Slava Vasilasco
Subject: Disable HTTP X-Forwarded-For header on ProxySG for one URL

Hello SymSpec,

The feature has been tested and working, perhaps there is no matching the policy configured to Suppress the XFF.
Verify and confirm that there is a match in the Policy!
If there is a match and the XFF is still not removed for the desired destination URL or Public IP or based on source client IP  then please log a technical case via the Broadcom Customer Portal.

Slava V
Original Message:
Sent: 06-29-2020 05:48 AM
From: sulman mushaq
Subject: Disable HTTP X-Forwarded-For header on ProxySG for one URL

Hi Slava, actually I tried this but its still not working, I can still see the client IP. Is there anything else I need to do to get it work?

——————————
Symantec Enthusiast

Original Message:
Sent: 06-26-2020 10:34 AM
From: Slava Vasilasco
Subject: Disable HTTP X-Forwarded-For header on ProxySG for one URL

Hello Sym ,

To answer your wonder : Yest it is possible and very simple .
You will need to created a new Web Access Layer in the VPM and by following the steps provided under theResolution section of this KB

https://knowledge.broadcom.com/external/article/168647/enable-the-xforwardedfor-header-in-the-v.html , with the exception of step # 5 we want it to be set toSuppress.

Should look exactly like this 

This Action will Suppress the XFF header, and then you can specify a source IP or destination URL etc in this policy.

I hope this helps.
Have a wonderful day.
Slava V This Action will Suppress the XFF header, and then you can specify a reservoir IP or finish URL etc in this policy.I hope this helps.Have a fantastic day.Slava V
Original Message:
Sent: 06-25-2020 04:32 PM
From: sulman mushaq
Subject: Disable HTTP X-Forwarded-For header on ProxySG for one URL

We have enabled the HTTP X-Forwarded-For header on ProxySG for all users and destinations, however we have a requirement where we want HTTP X-Forwarded-For header to be disabled for one particular source computer or for a destination URL. Is it possible to disable this either for a particular source or for a destination URL or we have to disable the HTTP X-Forwarded-For header globally for all users

——————————
Symantec Enthusiast
—————————— original message : send : 06-29-2020 02:04 PMFrom : sulman mushaqSubject : disable HTTP X-Forwarded-For header on ProxySG for one URLHi Slava, thanks for the reply.I havent created a raw WAL for this, rather I have added these two rules in the lapp WAL which I have for my users. Does these two rules must be in a separate WAL ? I have enabled SSL interception for all destinations, so proxysg will decrypt all the traffic. distillery I wo n’t see the result in the pcap ? Thanks. — — — — — — — — — — — — — — — Symantec EnthusiastOriginal message : send : 06-29-2020 12:07 PMFrom : Slava VasilascoSubject : disable HTTP X-Forwarded-For heading on ProxySG for one URLHello SymSpec,1. Did you Create a new Web Access Layer ? if no, you have to to ensure a match.2. Do you see a match in the Policy Trace for the policy you created to suppress the XFF ?, if no the adjust it.Once you have the above covered and the solution is Yes for both, then in the pcap for the session between proxy and the OCS ( URL you are trying to suppress the XFF ) the request should not contain the XFF header.I would test this policy with an HTTP web web site like example.com to ensure you have a match, cause if you are applying this policy for an HTTPS site you wont see the results in the pcap as those will be encrypted.Slava VOriginal message : send : 06-29-2020 11:32 AMFrom : sulman mushaqSubject : disable HTTP X-Forwarded-For heading on ProxySG for one URLHi Slava, thanks for the answer. Basically I have created a 2 rules in the lapp WAL, the first URL is accessing this specific URL to any generator, the second rule below this rule is suppressing the X Forwarded-For header as described in the KB and screenshot by you. Is n’t this right ? second, can I take a packet appropriate on Proxy which will basically show that proxysg is suppressing the header for this destination in the transaction, if yes then which playing field will show this in wire-shark that I need to see. Thanks — — — — — — — — — — — — — — — Symantec EnthusiastOriginal message : station : 06-29-2020 11:14 AMFrom : Slava VasilascoSubject : disable HTTP X-Forwarded-For header on ProxySG for one URLHello SymSpec, The feature has been tested and working, possibly there is no matching the policy configured to Suppress the XFF.Verify and confirm that there is a match in the policy ! If there is a match and the XFF is calm not removed for the hope finish URL or Public IP or based on reference customer IP then please log a technical case via the Broadcom Customer Portal.Slava VOriginal message : send : 06-29-2020 05:48 AMFrom : sulman mushaqSubject : disable HTTP X-Forwarded-For header on ProxySG for one URLHi Slava, actually I tried this but its silent not working, I can still see the customer IP. Is there anything else I need to do to get it work ? — — — — — — — — — — — — — — — Symantec EnthusiastOriginal message : mail : 06-26-2020 10:34 AMFrom : Slava VasilascoSubject : disable HTTP X-Forwarded-For header on ProxySG for one URLOriginal message : send : 06-25-2020 04:32 PMFrom : sulman mushaqSubject : disable HTTP X-Forwarded-For header on ProxySG for one URLWe have enabled the HTTP X-Forwarded-For header on ProxySG for all users and destinations, however we have a necessity where we want hypertext transfer protocol X-Forwarded-For heading to be disabled for one finical reference calculator or for a destination URL. Is it possible to disable this either for a particular source or for a destination URL or we have to disable the HTTP X-Forwarded-For header globally for all users — — — — — — — — — — — — — — — Symantec Enthusiast — — — — — — — — — — — — — — —

generator : https://themedipia.com
Category : Website hosting

Leave a Reply

Your email address will not be published.