When using Web Interface and Secure Gateway on the same server all traffic is proxied by default on localhost:80. The problem this poses is that querying the ServerVariable REMOTE_ADDR will now always return 127.0.0.1 for ALL users proxying through Secure Gateway.
With Secure Gateway 3.0 a new variable (HTTP_X_FORWARDED_FOR) is set to store the remote Client IP before forwarding the request to the IIS Server. The new variable can be used within Web Interface to get the real client IP again, so it can be used for IP Pre-fixes or to be stored in the Analyze Center.
The code for Web Interface 2.0 works by creating a temporary cookie on the user's browser containing the REAL IP address of the client. If the cookie doesn't exist and the user is proxying through CSG, the user is sent back to HTTP (IIS without CSG) momentarily, the user's IP is saved, and then the user is sent back through CSG; the connection once again secured.
- Configuring Web Interface to See the Real IP Address of a Client Connecting Through Secure Gateway 3.0