In GoAnywhere Services Logs (HTTPS, SFTP) - The 'Remote IP Address' is not the end-user IP address, for example:

That Address is the IP Address of the customer's NLB component (F5, Netscaler etc...) or Firewall NAT address


This issue is caused by the way network devices operate and see each-other. Since most Firewalls and/or NLBs will do an Address Translation (NAT), the MFT server will see the NAT address and not the actual IP of the user


To handle the above cases in web flows, a X-Forwarded-For header was introduced. The network equipment that is doing the NAT must support XFFotherwise this will not work.

The support for the X-Forward-For header needs to be manually configured on the MFT.

Notice: this capability is supported in versions 6.4.1 and above!

1. Navigate to the installation directory of GoAnywhere MFT and edit the [installDir]/config/ file

2. Add the following to the bottom of the file:

#X-Forward-For support

com.linoma.webClient.xff.proxyPattern=<1st Segment of the IP Address>\\.<2nd Segment of the IP Address>\\.<3rd Segment of the IP Address>\\.<4th Segment of the IP Address>

For example:

  • Specific IP:
  • All IPs in the network:

4. Restart the GoAnywhere service

5. Verify that in new end-user connections logs - The 'Remote IP Address' is  the end-user IP address, for example: