Web Application Proxy on Windows 2019 Server puts 2 IPs in X-forwarded-FOR field

Andrew Skull 1 Reputation point
2021-08-11T06:38:41.66+00:00

Good Day All!
I've got a problem after migrating from Windows 2016 to Windows 2019 with WAP. In Windows 2016 the field X-forwarded-FOR contained only external IP of client and everything was OK. Now it has 2 IPs - the first is external IP of client and, if I'm not mistaking, source IP and port of WAP server. Example:

146.0.61.113,+172.16.173.11:59398

The problem is that ADFS server (Windows 2019) doen't show in event logs (event ids 1200, 1201, 1203, 1210...) the external IP of a client, only IP of WAP server. For example:
<IpAddress>172.16.173.11</IpAddress>
<ForwardedIpAddress />
<ProxyIpAddress>N/A</ProxyIpAddress>
<NetworkIpAddress>N/A</NetworkIpAddress>
<ProxyServer>WAP</ProxyServer>

Is this a bug or a feature? :)
Or maybe I'm missing something in a configuration?

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,198 questions
Active Directory Federation Services
Active Directory Federation Services
An Active Directory technology that provides single-sign-on functionality by securely sharing digital identity and entitlement rights across security and enterprise boundaries.
1,261 questions
{count} votes

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.