I have Nginx server in front of a Tomcat server but I have a problem getting the real ip...
If I don't use SSL, then the real ip is set in both x-forwarded-from and x-real-ip but when I use SSL, those variables contain the ip address of the firewall in front of the Nginx server...
Is this just the way it is or is there something I can configure to fix this?

I am using the following config for proxy..:

proxy_redirect off;
proxy_pass http://appserver01_8070;

proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-By $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;


Regards,

BTJ

Are the configs (proxy_set_header) the same for both instances ?
Are you loading a proxy.conf file after setting them manually ?

---
nginx for Windows http://nginx-win.ecsds.eu/

Yes, the config are the same... I only commented out the ssl stuff from the config to check...
Not sure what you mean by loading a proxy.conf file but I am not loading any other files containing proxy configurations....

(sorry for det delay on answering...)

BTJ



Edited 1 time(s). Last edit at 10/25/2014 08:46AM by bjorntj.

https://wiki.jenkins-ci.org/display/JENKINS/Jenkins+behind+an+NGinX+reverse+proxy

Other then that it might be a tomcat issue as tomcat also expects certain values for different external situations, have a look if the connectors need different settings.

http://serverfault.com/questions/514551/make-tomcat-use-x-real-ip

---
nginx for Windows http://nginx-win.ecsds.eu/