Yes, this is supported with customers who have a PANW-DB URL license.
Objects --> Security Profiles --> URL --> URL Filtering Settings
From what I read in the provided article the Palo Alto needs to have a proxy device before it for the XFF to be used ? I need the Palo Alto create HTTP x-forward-for (XFF) header as the Palo Alto is only proxy device and it is used as a Forwarding SSL outbound proxy for a small branch office. Is this possible?
As mentioned the Palo Alto is also used as a forwarding web Proxy (SSL Outbound Inspection) for a small site. It also does NAT for the outbound traffic and some servers in HQ want to see the original client IP address. For me it seems normal to be able to do this on a firewall that also acts as a forwarding web Proxy.
Do you have your browsers configured to use the proxy settings and point them at the PA? If so, I wasn't aware they could do this.
As far as I know, the forward proxy is really meant as SSL decrypt when browsing. Traditional web proxy features like caching aren't available on the PA.
Is your HQ accessed over the internet or a private connection like a VPN tunnel?
The palo alto can be used as transperant ssl proxy with ssl redirect captive portal https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClJYCA0 . I don't get why there is no option to instert a header with the client IP address variable, similar to https://docs.paloaltonetworks.com/pan-os/9-1/pan-os-new-features/user-id-features/include-username-i... , I hope that this will be added as it is a simple option and in some cases needed. Thanks for your help.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!