Many customers deploy SecureAuth IdP Appliances behind a load balancer (LB) to provide high available and performant operation of the product. Unfortunately, any connection through the LB reveals only the originating IP address of the LB which severely limits the usefulness of the URL Rewrite and logging functionalities of IIS.
To address this issue, most LB products include support for sending the X-Forwarded-For (XFF) HTTP header. When enabled on a device which supports it, the IP address of the requesting client is included in the XFF header and passed to the SecureAuth IdP Appliance.
With a few minor configuration changes to IIS, the XFF information can be logged for auditing purposes and used to build URL Rewrite rules.
1. Ensure the following items are installed and running before configuring URL Rewrite