Cloud WAF (formerly Incapsula) is deployed as a reverse proxy in front of your ASP/.NET application. This means that all traffic coming to your site through Cloud WAF will be seen as coming from one of Imperva IPs.
In order to make sure that your application gets the correct user IP you will need to make some modifications to the way the IP is extracted.
Unfortunately, we don’t have an ASP/.NET extension yet. However, there are simple online solutions that will do the job.
For ASP/.NET applications you have two options:
1) Modify your code to extract the true visitor IPs:
Cloud WAF injects a dedicated header to each request that includes the original client IP (INCAP-CLIENT-IP). You should use this header to extract the client IP anywhere in the code where the client IP is referenced.
Usually the IP is extracted with ServerVariables("REMOTE_ADDR") and instead you should use ServerVariables("HTTP_INCAP_CLIENT_IP"). If you do this, make sure that the Cloud WAF header really exists before making the extraction and otherwise use "REMOTE_ADDR".
You can also extract the IP from the X-Forwarded-For header. See example on how to do this here: http://stackoverflow.com/questions/735350/how-to-get-a-users-client-ip-address-in-asp-net.
2) Use an ISAPI filter to extract the original client IP from the X-Forwarded-For header:
We do not have a Cloud WAF ISAPI filter yet, but there are public solutions that will work just as good (http://devcentral.f5.com/weblogs/Joe/archive/2009/08/19/x_forwarded_for_log_filter_for_windows_servers.aspx).