My Oracle Support Banner

OAA Recording F5 IP Instead Of Client Machine IP In The User Sessions (Doc ID 2967558.1)

Last updated on AUGUST 16, 2023

Applies to:

Oracle Advanced Authentication - Version and later
Information in this document applies to any platform.


On : version, Policy Engine

Request flow is Client -> F5 LB (SSL Full Proxy) -> Ingress Nginx Controller -> OAA/OARM 

Under "Monitor User Sessions" on OAA admin UI shows F5 Load balancer IP address. This is concerning given setup is expected to configure a Risky IP Use Case. Explained in Configuring a Risky IP Use Case in Oracle Adaptive Risk Management, Configure a Risky IP Use Case in OARM

It works alright with node-port configuration not using F5 LB and Ngnix. Ngnix logs show the client browser IP address correctly. 

F5 front ending request to Ingress Nginx has Header X-FORWARDED-FOR configured. Ingress is installed as part of OAA-OARM installation. 


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.