Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials
Store

public ip details on ftp server connection log

While we investigating SOC alert coming from DC log . We see that failed login attemp coming from the outside is related to ftp server.

After that we investigate the ftp server log we see that there is not a public ip details in the log. We see only LB internal ip .

how can we handle this poor log .

"X-Forward for" config on LB is resolve or not ?

Find more posts tagged with

Accepted answers

All comments

maeh

Hi,

x-forwarded-for is a http-protocol feature and doesn't work with ftp-connections. I don't know of any similar feature for ftp-protocol. this is not really a serv-u problem, but rather a global ftp-protocol problem.

best regards,
Markus

calc2014

Are you using Serv-U Gateway or a different load balancer? Are you able to get the logs from that for a period where you are seeing the failed login attempts?

whitesilver

Serv-U gateway behind the netscaler loadbalancer , We are reading logs from the gateway .

whitesilver

There is a knowledge base related to X- forwarded-For config , When I add this header on LB (Gateway is behind the netscaler LB) , ı dont see the client public ip , I only see only LB internal ip , After some investigation I find a config for X-Forwarded-For on gateway settings. but when I enabled this nothing change.

maeh

Again: x-forwarded-for is useless for ftp-protocol. It's a http-protocol extension.

best regards,

Markus

whitesilver

This is not a native ftp protocol usage , this product provide UI for enduser , as a result there is http protocol usage.

best regards