So, you’re using IIS and you want to track your clients by IP address in your IIS logs. Unfortunately, out of the tin, this is simply not possible. The X-Forwarded-For (XFF) HTTP header is an industry standard to find the IP address of a client machine that is connecting to your web server via an HTTP proxy, load balancer etc. that Microsoft IIS does not support. Luckily, various solutions are available to address this limitation, some that cost money and others that have been released as open source. One excellent example that we’ve tested with our products is F5′s X-Forwarded-For ISAPI filter. We’ve tested this with IIS7 although according to F5′s post, it should also support IIS6. It also comes in 32 & 64 bit flavours which is great.

To get up and running with IIS7 64bit:

1. Download & extract the zipped archive from here
2. Navigate to ..\F5XForwardedFor2008\x64\Release
3. Copy F5XForwardedFor.dll to a suitable location on your server, e.g. C:\ISAPIfilters
4. Make sure you have ISAPI Filters enabled on your IIS server
5. Open IIS Manager, select the site and double-click ISAPI Filters
6. Click ‘add’, then in the popup enter a suitable name and select the DLL file stored in step 3
7. Restart your website

That’s it! You should now start seeing the IP address of the client PC’s in your IIS logs rather than the IP of the load balancer.

One other note, this method also works if you’re using Pound SSL in your configuration.

This entry was posted on Friday, February 4th, 2011 at 12:29 pm and is filed under Load Balancing, Pound, haproxy. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.