As a member of a PAM Level-2 support team, you are troubleshooting an issue related to load balancing four PVWA servers at two data centers. You received a note from your Level-1 support team stating “When testing PVWA website from a workstation, we noticed that the “Source IP of last sign-in” was shown as the VIP (Virtual IP address) assigned to the four PVWA servers instead of the workstation IP where the PVWA site was launched from.”
Which step should you take?
To ensure the source IP of the last sign-in is correctly displayed as the workstation IP instead of the VIP, you need to verify that the "LoadBalancerClientAddressHeader" parameter in the PVWA configuration file Web.config is set to "X-Forwarded-For". This setting instructs the PVWA to read the client IP from the HTTP header provided by the load balancer, which carries the original workstation's IP address.
This issue will occur when PVWA's have been load balanced and the vault receives the VIP as the source IP, in order to remedy this the LoadBalancerClientAddressHeader should be set to X-Forwardedd-For in the web.config file on all PVWAs as per A. The other answers won't do anything to resolve the issue. https://docs.cyberark.com/PAS/Latest/en/Content/PASREF/Password%20Vault%20Web%20Access%20Parameter%20File.htm#LoadBalancerClientAddressHeader:~:text=LoadBalancerClientAddressHeader
https://docs.cyberark.com/Product-Doc/OnlineHelp/PAS/13.0/en/Content/PAS%20INST/PVWA-install-multiple-PVWA-env.htm#:~:text=In%20the%20web.config%20file%2C%20for%20the%20LoadBalancerClientAddressHeader%20parameter%2C%20enter%20the%20HTTP%20Header%20field%20name%20from%20which%20the%20PVWA%20reads%20the%20client%20IP.
The answer is A. https://cyberark-customers.force.com/s/article/Load-Balancer-Implementation-with-PVWA-General-Guidelines