Enabling the firewall to use the X-Forwarded-For
headers to perform user mapping does not enable the firewall to
use the client IP address in the XFF header as the source address
in the logs; the logs still display the proxy server IP address
as the source address. However, to simplify the debugging and troubleshooting
process you can configure the firewall to
Add
XFF Values to URL Filtering Logs to display the client IP
address from the XFF header in the URL Filtering logs.