WAF and GeoIP

Hello all,

I set up a web server (IIS 7.5) in a separate DMZ and added Piwik (version 1.10.1) with GeoIP to our home page.

If DNATed/routed into the DMZ I get real client IP addresses for GeoIP in Piwik, but if I use WAF instead I only get the IP address of the UTM in the DMZ as the IP address of the client requesting the web page(s).

This is the WAF config...
one virtual server : Plain (HTTP), port 80, pass host header, non-standard firewall profile [see below]
one real server : Plain (HTTP), port 80
firewall profile : mode=reject, SQL injection filter, XSS filter, use both AV engines for up- and download, block clients with bad reputation
no exceptions
standard site path routing to "/"

In both configurations the web page shows up without any problems, but using WAF I only get hits from the UTMs DMZ IP address even though the WAF log displays all relevant IP addresses correctly. UTM 220 is running 9.004-34 in HA cluster mode.

Any idea how to pass on the correct client IP address to the web server or how to implement GeoIP behind WAF?

Thank you so much for you help in advance!