When you implement the Zero Trust Internet Access Gateway Service or the Zero Trust
Internet Access On-premises gateway, the user IP and geolocation is based on that
of the Cloud gateway or the on-premise gateway and not where your clients are located.
The X-Forwarded-For header allows you to insert your own public IP address to the
header for inspected HTTP/HTTPS traffic.
You set the X-Forwarded-For header to your On-premises and Cloud gateways separately.
The X-Forwarded-For header is a global setting that applies to all of your Internet
Access gateways. including both cloud and on-premise gateways.
You have three options when setting up and managing your gateways:
- No change: This is the default setting. The gateway does not change an X-Forwarded-For header.
- Append or insert the public IP address connecting to the gateway into X-Forwarded-For header: The gateway, including default gateway for public/home network location, uses your connecting public IP address in the X-Forwarded-For header for inspected HTTP/HTTPS traffic. You must ensure that HTTPS inspection is turned on for traffic requiring this action.
- Remove the X-Forwarded-For header: The gateway, including the default gateway, removes the X-Forwarded-For header from inspected HTTP/HTTPS traffic. You must ensure that HTTPS inspection is turned on for traffic requiring this action.
To add an X-Forward-For header:
Procedure
- On the Trend Vision One console, go to .
- On the Global Settings tab, click X=Forwarded=For.
- Under Cloud gateway, select the appropriate radio button:
- No change (Default)
- Append or insert the public IP address connecting to the cloud gateway into the X-Forwarded-For header
- Remove the X-Forwarded-For header
- Under On-premises gateway, select the appropriate radio button:
- No change (Default)
- Append or insert the public IP address connecting to the on-premises gateway into the X-Forwarded-For header
- Remove the X-Forwarded-For header