Reputation: 4001
Preserve Client IP address in Azure API Management with Application Gateway scenario
I have Azure Application Gateway and API Management configured in this setup https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-integrate-internal-vnet-appgateway - Application Gateway is the public endpoint and only defined routes are passed through to API Management.
I want to use the ip-filter policy to restrict calls to certain IP addresses. However when calls are coming through Application Gateway, the original client IP address is lost or obfuscated to IP 0.0.0.0.
Is there a way to keep the original client IP address and pass it through from Application Gateway to API Management?
Upvotes: 9
Views: 9674
Answers (1)
Reputation: 1221
You might find this article useful: https://learn.microsoft.com/en-us/azure/application-gateway/how-application-gateway-works#modifications-to-the-request
An application gateway inserts four additional headers to all requests before it forwards the requests to the backend. These headers are x-forwarded-for, x-forwarded-proto, x-forwarded-port, and x-original-host. The format for x-forwarded-for header is a comma-separated list of IP:port.
Upvotes: 5
Related Questions
- Static IP address in Azure API management Service
- Azure API Management - How to get original IP when APM is behind WAF
- Use Api Gateway IP for Backend Calls
- Fetching dynamic IP in ARM of Application gateway in Azure
- Azure App Service with ARR Reading Client IP from Web API
- Azure Application Gateway with Api AppService without API gateway
- Static IP Address in Azure Application Gateway
- Configuring Application Gateway with API management Azure
- Azure application gateway restrict by source IP and server name
- Azure Application Gateways with existing back-end IPs