Search code examples
iisiis-8.5arr

How to Configure/Enable Request Router Helper for IIS 8.5

We have a web filter/load balancer that directs traffic to our IIS 8.5 (Windows 2012 R2) servers. The issue is that in the IIS logs, the IP address (c-ip field) is logged as the local address of our load balancer (a Sophos UTM, not Microsoft’s ARR) while we need to log the actual client’s source IP (which is provided in the “custom” X-Forwarded-For header). I can’t use the “Advanced Logging” features of IIS to simply create another column as our log monitoring software can’t deal with this custom field, nor deal with the “_x” appended to the log file name.

Therefore, I have spent a number of hours trying to get Microsoft’s Request Router Helper to automatically convert the X-Forwarded-For field value to the c-ip field (which, I believe, it is supposed to do). Based on the reference sites I’ve listed below, I’ve done the following:

  1. Installed the requestrouterhelper_x64.msi from a ARR v3 installation on to our IIS 8.5 server
  2. I verified I could see the file (but did not change anything) at: C:\Windows\System32\inetsrv\config\schema\arr_helper_schema.xml
  3. I do not see any additional modules or features in IIS Manager (should I?)
  4. Viewed the log files (after IISRESET and even a reboot) and the c-ip value is still being recorded as 127.0.0.1, not the client's IP address

Are there any other things I need to do to enable/configure the Request Router Helper from ARR to automatically transpose the client IP into the c-ip field?

References:

IIS7/8: Logging the real client IP in the IIS hit logs

Client-ip not logged on application server when using ARR (original version for IIS 7)

ARR Helper (for IIS8 - see accepted answer)

Solution

  • After many hours, we found out how to enable this on IIS 8.5. Here are the steps:

    1. Download the 64-bit version of the tool from this site. Do NOT install the version obtained by installing the ARR v3 Web Platform Installer (this was the biggest issue with it not working).
    2. Unzip and run the MSI from an admin command prompt
    3. Open C:\Windows\System32\inetsrv\config\applicationHost.config and check its module registration under the globalModules section (it should be as follows)

    < add name="ARRHelper" image="%ProgramFiles%\IIS\ARR Helper\requestRouterHelper.dll" />

    1. In the same file, check or add the following entry in the section location path="" / modules

    < add name="ARRHelper" />

    I hope this helps others that had this same frustration.