cancel
Showing results for 
Search instead for 
Did you mean: 

Accesss log did't get the username and actual client IP - ICAP with Bluecoat

Jump to solution

Hi,

recently, i'm deploying MWG as icap server intergrate with blouecoat proxy. and it can block those affected file probaly and when i check on the access log. i fould that the username field is empty and the source ip is the bluecoat ip not the client ip. my parameter as below attach. untitled.PNG

i have enabled the X-Auth User from blucoat icap service [response mode]

thank you.

Regards,

CL

0 Kudos
1 Solution

Accepted Solutions
asabban
Level 17

Re: Accesss log did't get the username and actual client IP - ICAP with Bluecoat

Jump to solution

Hello,

I would expect the Bluecoat to send an X-Authenticated-User and an X-Client-IP header. These headers should cause MWG to replace the source IP address to the IP of the client and insert the correct username. Can you  verify with a packet capture that both headers are present in the ICAP communication from BC to MWG?

Best,

ANdre

0 Kudos
2 Replies
asabban
Level 17

Re: Accesss log did't get the username and actual client IP - ICAP with Bluecoat

Jump to solution

Hello,

I would expect the Bluecoat to send an X-Authenticated-User and an X-Client-IP header. These headers should cause MWG to replace the source IP address to the IP of the client and insert the correct username. Can you  verify with a packet capture that both headers are present in the ICAP communication from BC to MWG?

Best,

ANdre

0 Kudos
eelsasser
Level 15

Re: Accesss log did't get the username and actual client IP - ICAP with Bluecoat

Jump to solution

If i remember correctly, sometimes BC will pre-fetch content before a user requests it without having a username or ip address associated with the user.

You could be seeing the results of this.

0 Kudos