https://live.paloaltonetworks.com/t5/next-generation-firewall/xff/m-p/562249#M1968 <P>Hi</P> <P>I am hosting a website behind ngfw.</P> <P>The traffic comes from google load balancer, and i would like to LOG ONLY the x-forward IP (the original).</P> <P>I have used this kb:&nbsp;<A href="https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/policy/identify-users-connected-through-a-proxy-server/add-xff-values-to-url-filtering-logs" target="_blank">https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/policy/identify-users-connected-through-a-proxy-server/add-xff-values-to-url-filtering-logs</A></P> <P>&nbsp;</P> <P>But my URL filtering logs are empty.</P> <P>Maybe it has to do with its inbound? i mean, the URL filtering works also for inbound traffic? (i.e protect a web site)</P> Wed, 18 Oct 2023 11:40:39 GMT chens 2023-10-18T11:40:39Z https://live.paloaltonetworks.com/t5/next-generation-firewall/xff/m-p/562249#M1968 <P>Hi</P> <P>I am hosting a website behind ngfw.</P> <P>The traffic comes from google load balancer, and i would like to LOG ONLY the x-forward IP (the original).</P> <P>I have used this kb:&nbsp;<A href="https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/policy/identify-users-connected-through-a-proxy-server/add-xff-values-to-url-filtering-logs" target="_blank">https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-admin/policy/identify-users-connected-through-a-proxy-server/add-xff-values-to-url-filtering-logs</A></P> <P>&nbsp;</P> <P>But my URL filtering logs are empty.</P> <P>Maybe it has to do with its inbound? i mean, the URL filtering works also for inbound traffic? (i.e protect a web site)</P> Wed, 18 Oct 2023 11:40:39 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/xff/m-p/562249#M1968 chens 2023-10-18T11:40:39Z https://live.paloaltonetworks.com/t5/next-generation-firewall/xff/m-p/563130#M2003 <P>Hi&nbsp;<a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/80392">@chens</a>&nbsp;</P> <P>&nbsp;</P> <P>As far as I know, we need to enable the parsing of XFF value in http traffic. Did you enabled it?</P> <P>&nbsp;</P> <P>It can be enable using below command -</P> <P>&nbsp;</P> <PRE class="ckeditor_codeblock"><SPAN>set system setting ctd x-forwarded-for yes|no</SPAN></PRE> <P><BR /><BR /></P> Wed, 25 Oct 2023 15:35:07 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/xff/m-p/563130#M2003 SutareMayur 2023-10-25T15:35:07Z