We are using an Access Control policy to determine whether requests are originating within our vpn. This has been working in the past. Now we're seeing requests come in with the desired value within "true-client-ip" but acl.failed is coming up as true. Traditionally, we've seen the header name coming in as "True-Client-IP". It would appear that in this case, it may be looking at X-Forwarded-For despite the presence of the true client ip. I know that header names should be case-insensitive, but would the AccessControl policy be disregarding it in this scenario?