Real IP behind a WAF

Hello folks,

I am a user of bitwarden for a while now. My organization was looking for a password manager so I decided to host a Bitwarden instance.

It’s working really(!) good, however I can’t manage to get the Real-IP to the bitwarden instance.

The instance is behind a Barracuda NextGen WAF (with “X-Forwarded-For” set) with a public IP. I set the Real-IPs in config.yml as following:
real_ips:

  • 11.22.33.44 (Public IP of the WAF)
  • 172.26.1.2 (IP of the WAF itself)
  • 172.26.1.0/24 (Network of WAF)

Some ideas? The API gives me this json:
{“Ip”:“::ffff:192.168.0.10”,“Headers”:{“X-Forwarded-For”:{“Key”:“X-Forwarded-For”,“Value”:[“172.27.1.2”]}}}

I have really no clue what I am missing. :frowning:

I would suggest you to get in touch directly with the team. Go to https://bitwarden.com/contact/