F5 Load Balancers

Apr 8, 2011 at 5:45 PM

We configured the automatic sign in by IP feature, however our web front ends are load balanced via F5 BIG-IP 1600s so packets appear to IIS to come from the IP of those rather than the IP address of the requesting client. F5 provides a workaround called XForwardedFor, which is an ISAPI filter that allows IIS to capture the real source IP address in its logs. That is working, however a normal packet capture will still show the source IP of the packets as the IPs of the F5s.

Can someone explain where this code looks for the source IP? I assuume it is looking in the HTTP packet, which is why it doesn't work for us. Is there a way to have it parse the same data that is sent to the IIS log instead?

 

Much thanks,

James

Apr 12, 2011 at 12:57 PM

The code that exmines the IP address of the requests is in http://spautomaticsignin.codeplex.com/SourceControl/changeset/view/61146#1235928

Basically: 

HttpContext.Current.Request.UserHostAddress
Jun 11, 2013 at 1:52 AM
Hi Jsantosp360,

Did you succeed with getting this solution to work behind the F5 load balancer? We are going to face the same issue and any advice would be appreciated ...

kind regards,
Glif