Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Preserve Client IP address in Azure API Management with Application Gateway scenario

Tags:

azure-api-management

azure-application-gateway

I have Azure Application Gateway and API Management configured in this setup https://learn.microsoft.com/en-us/azure/api-management/api-management-howto-integrate-internal-vnet-appgateway - Application Gateway is the public endpoint and only defined routes are passed through to API Management.

I want to use the ip-filter policy to restrict calls to certain IP addresses. However when calls are coming through Application Gateway, the original client IP address is lost or obfuscated to IP 0.0.0.0.

Is there a way to keep the original client IP address and pass it through from Application Gateway to API Management?

like image 670
Kai Walter Avatar asked Nov 18 '19 14:11

Kai Walter

People also ask

Can you assign multiple static public IPs to the app gateway?

Does Application Gateway support multiple public IPs on the gateway? An application gateway supports only one public IP address.

What is the difference between API gateway provided by Azure API Management and Azure Application Gateway?

Both do behave like a reverse proxy, APIM provides a policy framework to manipulate requests both inbound and outbound, along with features such as rate limiting and conditional caching. While Application Gateway has more features in terms of rewriting and manipulating traffic on an HTTP protocol stack.

How do I secure my Azure API gateway?

Using the Azure portal, protect an API with Azure AD by first registering an application that represents the API. For details about app registration, see Quickstart: Configure an application to expose a web API. In the Azure portal, search for and select App registrations. Select New registration.

Can Application Gateway uses private IP address?

Application Gateway V2 currently does not support only private IP mode. It supports the following combinations: Private IP address and public IP address.

1 Answers

You might find this article useful: https://learn.microsoft.com/en-us/azure/application-gateway/how-application-gateway-works#modifications-to-the-request

An application gateway inserts four additional headers to all requests before it forwards the requests to the backend. These headers are x-forwarded-for, x-forwarded-proto, x-forwarded-port, and x-original-host. The format for x-forwarded-for header is a comma-separated list of IP:port.

like image 67
Alex S Avatar answered Oct 21 '22 03:10

Alex S
Sign in to Comment

Related questions

Securing WebApi in Azure Api Management
Azure API Management issue with OData
Azure API Management - How to get original IP when APM is behind WAF
Is it possible to make a call to an Azure API Rest url without a subscription key?
No certificate in X-ARR-ClientCert header when called from Azure API Management
Disabling Ocp-Apim-Trace in the Azure API Management Services
Does Azure APIM support GraphQL?
How to specify rewrite url for query string parameters in Azure API Management
View Request Body in Application Insights
Work with URL template parameter values in policy templates
Export/Import Azure API Management Developer Portal Configurations
API management service ClientConnectionFailure at forward-request
Azure Api management Is it possible to disable Subscription Key
How to deploy automatically an Azure API management?
Azure API Management Template parameters used in the UriTemplate must be defined in the Operation, and vice-versa

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!