Forwarding the Client IP Address to the Server

The Forward Client Credentials page is used to configure the proxy to send client credentials to the remote server.

To Configure the Proxy to Send Client IP Addresses

1. Access the Server Manager and click the Routing tab.

2. Click the Forward Client Credentials link.

   The Forward Client Credentials page is displayed.

3. Select the resource from the drop-down list or click the Regular Expression button, type a regular expression and click OK.

4. Set the forwarding options:

   • Client IP Addressing Forwarding. The Proxy Server does not send the client’s IP address to remote servers when making requests for documents. Instead, the proxy acts as the client and sends its IP address to the remote server. However, you might want to pass on the client’s IP address in the following situations:

     • If your proxy is one in a chain of internal proxies.

     • If your clients need to access servers that depend on knowing the client’s IP address. You can use templates to send the client’s IP address only to particular servers.

     Set the option to configure the proxy to send client IP addresses:

     • Default. Enables the Proxy Server to forward the client’s IP addresses.

     • Blocked. Does not allow the proxy to forward the client’s IP addresses.

     • Enabled Using HTTP Header. You can specify an HTTP header for the proxy to use when forwarding IP addresses. The default HTTP header is named Client-ip, but you can send the IP address in any header you choose.

   • Client Proxy Authentication Forwarding. Set the option to configure the proxy to send the client’s authentication details:

     • Default. Enables the Proxy Server to forward the client’s authentication details.

     • Blocked. Does not allow the proxy to forward the client’s authentication details.

     • Enabled Using HTTP Header. You can specify an HTTP header for the proxy to use when forwarding authentication details.

   • Client Cipher Forwarding. Set the option to configure the proxy to send the name of the client’s SSL/TLS cipher suite to remote servers.

     • Default. Enables the Proxy Server to forward the name of the client’s SSL/TLS cipher suite to remote servers.

     • Blocked. Does not allow the proxy to forward the name of the client’s SSL/TLS cipher suite to remote servers.

     • Enabled Using HTTP Header. You can specify an HTTP header for the proxy to use when forwarding the name of the client’s SSL/TLS cipher suite to remote servers. The default HTTP header is named Proxy-cipher, but you can send the name of the client’s SSL/TLS cipher suite in any header you choose.

   • Client Keysize Forwarding. Set the option to configure the proxy to send the size of the client’s SSL/TLS key to remote servers.

     • Default. Enables the Proxy Server to forward the size of the client’s SSL/TLS key to remote servers.

     • Blocked. Does not allow the proxy to forward the size of the client’s SSL/TLS key to remote servers.

     • Enabled Using HTTP Header. You can specify an HTTP header for the proxy to use when forwarding the size of the client’s SSL/TLS key to remote servers. The default HTTP header is named Proxy-keysize, but you can send the size of the client’s SSL/TLS key in any header you choose.

   • Client Secret Keysize Forwarding. Set the option to configure the proxy to send the size of the client’s SSL/TLS secret key to remote servers:

     • Default. Enables the Proxy Server to forward the size of the client’s SSL/TLS secret key to remote servers.

     • Blocked. Does not allow the proxy to forward the size of the client’s SSL/TLS secret key to remote servers.

     • Enabled Using HTTP Header. You can specify an HTTP header for the proxy to use when forwarding the size of the client’s SSL/TLS secret key to remote servers. The default HTTP header is named Proxy-secret-keysize, but you can send the size of the client’s SSL/TLS secret key in any header you choose.

   • Client SSL Session ID Forwarding. Set the option to configure the proxy to send the client’s SSL/TLS session ID to remote servers.

     • Default. Enables the Proxy Server to forward the client’s SSL/TLS session ID to remote servers.

     • Blocked. Does not allow the proxy to forward the client’s SSL/TLS session ID to remote servers.

     • Enabled Using HTTP Header. You can specify an HTTP header for the proxy to use when forwarding the client’s SSL/TLS session ID to remote servers. The default HTTP header is named Proxy-ssl-id, but you can send the client’s SSL/TLS session ID in any header you choose.

   • Client Issuer DN Forwarding. Set the option to configure the proxy to send the distinguished name of the issuer of the client’s SSL/TLS certificate to remote servers.

     • Default. Enables the Proxy Server to forward the distinguished name of the issuer of the client’s SSL/TLS certificate to remote servers.

     • Blocked. Does not allow the proxy to forward the distinguished name of the issuer of the client’s SSL/TLS certificate to remote servers.

     • Enabled Using HTTP Header. You can specify an HTTP header for the proxy to use when forwarding the distinguished name of the issuer of the client’s SSL/TLS certificate to remote servers. The default HTTP header is named Proxy-issuer-dn, but you can send the name of the issuer of the client’s SSL/TLS certificate in any header you choose.

   • Client User DN Forwarding. Set the option to configure the proxy to send the distinguished name of the subject of the client’s SSL/TLS certificate to remote servers.

     • Default. Enables the Proxy Server to forward the distinguished name of the subject of the client’s SSL/TLS certificate to remote servers.

     • Blocked. Does not allow the proxy to forward the distinguished name of the subject of the client’s SSL/TLS certificate to remote servers.

     • Enabled Using HTTP Header. You can specify an HTTP header for the proxy to use when forwarding the distinguished name of the subject of the client’s SSL/TLS certificate to remote servers. The default HTTP header is named Proxy-user-dn, but you can send the name of the subject of the client’s SSL/TLS certificate in any header you choose.

   • Client SSL/TLS Certificate Forwarding. Set the option to configure the proxy to send the client’s SSL/TLS certificate to remote servers.

     • Default. Enables the Proxy Server to forward the client’s SSL/TLS certificate to remote servers.

     • Blocked. Does not allow the proxy to forward the client’s SSL/TLS certificate to remote servers.

     • Enabled Using HTTP Header. You can specify an HTTP header for the proxy to use when forwarding the client’s SSL/TLS certificate to remote servers. The default HTTP header is named Proxy-auth-cert, but you can send the client’s SSL/TLS certificate in any header you choose.

   • Client Cache Information Forwarding. Select one of the options to configure the proxy to send information about local cache hits to remote servers:

     • Default. Enables the Proxy Server to forward the information about local cache hits to remote servers.

     • Blocked. Does not allow the proxy to forward the information about local cache hits to remote servers.

     • Enabled Using HTTP Header. You can specify an HTTP header for the proxy to use when forwarding information about local cache hits to remote servers. The default HTTP header is named Cache-info, but you can send the information about local cache hits in any header you choose.

   • Set Basic Authentication Credentials. Set the option to configure the proxy to send a HTTP request.

     • User. Specify the user to authenticate.

     • Password. Specify the user’s password.

     • Using HTTP Header. You can specify an HTTP header for the proxy to use to communicate the credentials.

5. Click OK.

6. Click Restart Required. The Apply Changes page is displayed.

7. Click the Restart Proxy Server button to apply the changes.