Are you looking to add X-Forwarded-For functionality to your IIS Web Serve or ISA Server proxy infrastructure like you can with Squid, Apache, F5 Big-IP, Blue Coat, Cisco Cache Engine, Netcache etc? Now you can! Winfrasoft X-Forwarded-For for ISA Server and IIS adds the ability to track and log the source IP address of a client PC through a proxy server chain to the web server. This is very useful for log analysis when branch offices connect to the Internet via a head office proxy server, and when the real client IP address is required on a web server for accurate reporting and analysis. On this page... What's new in version 2.0 How it works System Requirements Pricing

• Added support for Proxy Trust List
• Supports logging of both X-Forwarded-For data and layer 4 source IP information
• Runs on Windows Server 2008 with IIS 7.0

• Added support for reverse proxy scenarios
• Works with both HTTP and SSL connections for Web Publishing
• Supports proxy chains longer than two servers in both directions
• Integrates with other 3rd party products that support the X-Forwarded-For de facto standard
• Runs on ISA Server 2004

Making forward proxy requests from ISA Server: X-Forwarded-For for ISA Server adds the X-Forwarded-For field to the HTTP header of web requests leaving the ISA Server. The new field contains the IP address of the original web browser client PC.

Receiving forward proxy requests into ISA Server: If the ISA Server receives a proxy request which contains the X-Forwarded-For field in the HTTP header, the filter will log the XFF IP as the client IP address instead of the IP address of the requesting proxy server. The IP address of the requesting proxy server is not lost, it is added to the Filter Information field in the ISA Server logs. If it is the last proxy in a forward proxy chain the header is removed by default for security. In a reverse proxy scenario the header is forwarded on to the published web server for processing.

Security: In a forward proxy scenario, if the ISA Server is not configured with a web chaining rule it will not add the XFF header, this helps to prevent your internal server names being revealed to the Internet. NB: You should never trust X-Forward-For header information that originates from outside of your organisation as the field is not signed or authenticated. Use the Proxy Trust List on the IIS web server to prevent X-Forwarded-For spoofing.

Note: X-Forwarded-For for ISA Server and IIS uses the same HTTP field format as other vendor implementations of this technology and should be compatible with other proxy server solutions, although this has not been tested.

	Download the X-Forwarded-For for IIS 2.0 Installation and Configuration Guide
	Download the X-Forwarded-For for IIS 2.0 Solution overview
	Download the X-Forwarded-For for IIS 2.0 Technical Datasheet
	Download the X-Forwarded-For for ISA Server 2.0 Installation and Configuration Guide
	Download X-Forwarded-For for ISA Server 2.0 Solution overview
	Download X-Forwarded-For for ISA Server 2.0 Technical Datasheet

• Windows Server 2003
• ISA Server 2004 Standard Edition or Enterprise Edition or
• ISA Server 2006 Standard Edition or Enterprise Edition

• Native 32bit and x64 support
• Windows Server 2003 with IIS 6.0 or
• Windows Server 2008 with IIS 7.0

Languages:

• X-Forwarded-For for ISA Server is compatible with multi-lingual versions of Windows Server 2003 and ISA Server, however is only available in English. (Tested on English and Spanish editions)
• X-Forwarded-For for IIS is compatible with multi-lingual versions of Windows, however is only available in English. (Tested on English, Dutch and Spanish editions)
• Product support and documentation is only available in English.

Click here to download the full price list