Good day to you all,
Our business model requires that we obtain the original user IP and port to be able to identify said user - this is a business requirement, thus non-negotiable. We are investigating the support for this through ELB, but it seems to be a tad problematic:
1- IP is supported through the X-FORWARDED-FOR header on HTTP/HTTPS listeners, and through Proxy protocol on TCP listeners - so far so good.
2- Port, as far as I have been able to find, is only supported through proxy protocol - the X-FORWARDED-PORT seems to forward the listener port, rather than the client port which would be the one we need.
3- Our application is developed on ASP .NET, and thus requires IIS to host it. So far, IIS does not support Proxy Protocol - thus, we would need to set up an intermediate NGINX to act as a reverse proxy and handle the proxy protocol - and then forward the request along with the missing information in a custom header.
Am I wrong on my understanding? Is there a way to forward the client port through an HTTP/HTTPS listener without relying on the Proxy Protocol?
Thanks, and regards.
Edited by: SergioHerrero on Apr 16, 2020 6:35 AM
AWS OFFICIALAktualisiert vor 3 Jahren