Symptom:
In GoAnywhere Services Logs (HTTPS, SFTP) - The 'Remote IP Address' is not the end-user IP address, for example:
That Address is the IP Address of the customer's NLB component (F5, Netscaler etc...) or Firewall NAT address
Cause:
This issue is caused by the way network devices operate and see each-other. Since most Firewalls and/or NLBs will do an Address Translation (NAT), the MFT server will see the NAT address and not the actual IP of the user
Solution:
To handle the above cases in web flows, a X-Forwarded-For header was introduced. The network equipment that is doing the NAT must support XFF, otherwise this will not work.
The support for the X-Forward-For header needs to be manually configured on the MFT.
Notice: this capability is supported in versions 6.4.1 and above!
1. Navigate to the installation directory of GoAnywhere MFT and edit the [installDir]/config/system.properties file
2. Add the following to the bottom of the file:
#X-Forward-For support
com.linoma.webClient.xff.proxyPattern=<1st Segment of the IP Address>\\.<2nd Segment of the IP Address>\\.<3rd Segment of the IP Address>\\.<4th Segment of the IP Address>
For example:
- Specific IP:
com.linoma.webClient.xff.proxyPattern=192\\.168\\.25\\.1 - All IPs in the 192.168.0.0 network:
com.linoma.webClient.xff.proxyPattern=192\\.168\\.\\d{1,3}\\.\\d{1,3}
4. Restart the GoAnywhere service
5. Verify that in new end-user connections logs - The 'Remote IP Address' is the end-user IP address, for example:
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article