Results 1 to 4 of 4

Thread: X-Forwarded-For with F5-Bigip-zimbraProxy-zimbraMailbox

  1. #1
    mdeserventi is offline Member
    Join Date
    Nov 2012
    Posts
    10
    Rep Power
    2

    Exclamation X-Forwarded-For with F5-Bigip-zimbraProxy-zimbraMailbox

    How i can have the real ip of clients with the configuration below:

    Hw Load balancing with F5 Network Bigip Appliance - HTTPS TCP 443 (172.18.185.50 public interface --- NODE1:172.19.100.207,NODE2:172.19.100.206,VIPIP:17 2.19.100.208 inside interface)
    |
    |
    Proxy Zimbra TCP 8080 (172.19.100.47,172.19.100.48)
    |
    |
    ZimbraWebmail1-ZimbraWebmail2 TCP 80 (172.19.100.47,172.19.100.48)

    I have an F5 that balancing and masquering my zimbra proxy on the same machine that ZimbraWebmail (two machine)
    When a client X(for example 172.18.37.56) is calling the 172.18.185.50 (public interface F5-Load-Balancing-Appliance) in the audit log for the 172.19.100.47 and 172.19.100.48 (mailbox-servers) there are the ip of the inside interface of F5-Bigip (172.19.100.206,172.19.100.207) and not the of the client.
    The F5-Bigip have the function "insert X-Forwrded-For" enabled. Always for the zimbra "zimbra_http_originating_ip_header = X-Forwarded-For".
    How i can solve the problem?
    I'm needing to change the nginx config to intercept the client ip.

    Thanks in advance
    Sorry for my english!!!

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,506
    Rep Power
    57

    Default

    Quote Originally Posted by mdeserventi View Post
    How i can have the real ip of clients with the configuration below:
    How about "x-originating-ip", look in the Admin UI for the setting.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    mdeserventi is offline Member
    Join Date
    Nov 2012
    Posts
    10
    Rep Power
    2

    Default

    In the "Global Setting MTA" is enabled. But in audit.lo there is always the if of f5 and not the ip of the client.

    Regards
    Last edited by mdeserventi; 10-13-2013 at 08:42 AM.

  4. #4
    mdeserventi is offline Member
    Join Date
    Nov 2012
    Posts
    10
    Rep Power
    2

    Default

    Quote Originally Posted by mdeserventi View Post
    In the "Global Setting MTA" is enabled. But in audit.lo there is always the if of f5 and not the ip of the client.

    Regards

    Problem SOLVED

    zmprov mcf +zimbraMailTrustedIP {IP of nginx-1} +zimbraMailTrustedIP {IP of nginx-2}

    http://www.zimbra.com/docs/os/7.2.3/...ml&single=true

    Thanks

    Regards

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. cannot print forwarded mail
    By harry12345 in forum Error Reports
    Replies: 3
    Last Post: 02-29-2012, 09:29 AM
  2. Find forwarded accounts?
    By vaidotas in forum Administrators
    Replies: 3
    Last Post: 08-19-2010, 03:21 AM
  3. Lotus to Zimbra with ZimbraProxy
    By iznodelavega in forum Migration
    Replies: 1
    Last Post: 04-23-2010, 07:59 AM
  4. [SOLVED] Usage of method zimbraMailBox.getAppointment()
    By Shikha Sood in forum Developers
    Replies: 2
    Last Post: 08-28-2008, 03:11 AM
  5. not getting forwarded mail
    By rmvg in forum Administrators
    Replies: 9
    Last Post: 12-14-2005, 05:51 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •