08-28-2025 12:07 PM - edited 08-29-2025 12:12 AM
Hi all, Now with explicit and transparent forward proxy support I see a need for X-Forwarded-For/Real-Client-IP header insertion support and a second place cache support. Palo Alto can insert the user id in a header for the backend server (Username Header Insertion) but why not the ip address 🤔
Maybe before it was harder to extract layer ip address but as of now Palo Alto supports this Support for Custom Layer 3 and Layer 4 Threat Signatures
For the web cache this is secondary but still most web proxies do have it and as Palo Alto as a web proxy should be doing buffering of the traffic as to get the full HTTP request before sending it , it should be possible. Also I have not seen if there are system variables to control the buffering?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
