Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Get real visitor IP address with pfsense

    General pfSense Questions
    4
    9
    2288
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      roy2019 last edited by

      Please check up my attached images for my environment description

      Problem: unable to get Visitor's IP address for logs

      my Nginx access logged 172.16.1.1(pfsense local IP address) as remote IP address.

      my Apache access logged 172.16.1.5(Nginx local IP address) as remote IP address.

      please advise, Thank you  :)
      ![Screen Shot 2017-01-06 at 11.38.47 AM.png](/public/imported_attachments/1/Screen Shot 2017-01-06 at 11.38.47 AM.png)
      ![Screen Shot 2017-01-06 at 11.38.47 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2017-01-06 at 11.38.47 AM.png_thumb)

      1 Reply Last reply Reply Quote 0
      • J
        jamesonp last edited by

        What OS is your Apache server running?

        You're most likely looking for the mod_rpaf or mod_remoteip for apache.

        1 Reply Last reply Reply Quote 0
        • R
          roy2019 last edited by

          it's Ubuntu 16.04

          I have no problem at my end point(apache)

          the problem is my proxy(nginx) cannot get the real visitor IP address

          1 Reply Last reply Reply Quote 0
          • J
            jamesonp last edited by

            What does you nginx config look like for the server portion?

            1 Reply Last reply Reply Quote 0
            • R
              roy2019 last edited by

              I had try to change the

              proxy_set_header X-Real-IP $http_x_real_ip;

              proxy_set_header X-Real-IP $remote_addr;

              still not working, I keep get the IP address of 172.16.1.1 (pfsense)

              ![Screen Shot 2017-01-06 at 5.25.16 PM.png](/public/imported_attachments/1/Screen Shot 2017-01-06 at 5.25.16 PM.png)
              ![Screen Shot 2017-01-06 at 5.25.16 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2017-01-06 at 5.25.16 PM.png_thumb)

              1 Reply Last reply Reply Quote 0
              • Jailer
                Jailer last edited by

                https://www.digitalocean.com/community/tutorials/how-to-configure-nginx-as-a-web-server-and-reverse-proxy-for-apache-on-one-ubuntu-16-04-server

                1 Reply Last reply Reply Quote 0
                • D
                  doktornotor Banned last edited by

                  You are in a completely wrong forum, guys. This one's neither about Ubuntu, nor about Nginx or Apache.

                  1 Reply Last reply Reply Quote 0
                  • R
                    roy2019 last edited by

                    @Jailer:

                    https://www.digitalocean.com/community/tutorials/how-to-configure-nginx-as-a-web-server-and-reverse-proxy-for-apache-on-one-ubuntu-16-04-server

                    Thank you, I able to fix the end point of apache hosts.

                    I had checked my nginx log, it happen after I upgraded to new pfsense version.

                    the last pfsense v2.2.5 , it log all visitor's IP address , but the latest version now only log the pfsense local address.

                    This is why I post here

                    1 Reply Last reply Reply Quote 0
                    • R
                      roy2019 last edited by

                      OK guys !

                      I found out the problem !

                      It caused by firewall > Nat > Outbound

                      I created a manual mapping on my LAN Interface allow

                      Source : Source port : Destination : Destination Port : Nat address : Nat port
                      Any : Any : Any : Any : Nat address : Any

                      I changed it to

                      Source : Source port : Destination : Destination Port : Nat address : Nat port
                      This Fiirewall : Any : Any : Any : Nat address : Any

                      now i got my all visitor IP address ! ;)

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post