Application Control and URL Filtering Blades cannot use the 'X-Forward-For header' Proxy configuration option when working on HTTPS traffic via HTTPS Inspection (SmartDashboard - Check Point Security Gateway object - 'Identity Awareness' pane - section 'Proxy Support for Application Control and URL Filtering Blades').
Cause
Since the traffic from the Client is encrypted, it is impossible for the Proxy to modify it and add X-Forward-For header.