BigIP not passing the 302-redirect through

Question

Hello 
&nbsp;  
&nbsp; I am new to this forum! Please can someone help to resolve my problem? 
&nbsp;  
&nbsp; We have an issue where the BigIP is not passing the https 302-redirect through. We have a Web Application Firewall that sit between the BigIP and Web server farm. The SSL traffic is terminated at BigIP. So any traffic between BigIP and web servers are http. 
&nbsp;   
&nbsp; Whenever a request is being blocked by the WAF, it point to this 302-error page - https://wwwWebServer.Error_302.htm  but page is not being pass through the BigIP. The TCPdump shows the page leaves the WAF. 
&nbsp;  
&nbsp; I do really appreciate your help. 
&nbsp;  
&nbsp; Thank you 
&nbsp; Bala 
&nbsp;

hoolio · Answer

Hi Bala, 
&nbsp;  
&nbsp; If you use a browser plugin like HttpFox for Firefox or Fiddler for IE, does the client receive the 302 redirect but not receive a response on the subsequent request?  I can't really see LTM blocking a specific response like that.  You might also try adding an iRule which logs the request and response headers on LTM to help debug this further: 
&nbsp;  
&nbsp; http://devcentral.f5.com/Wiki/default.aspx/iRules/LogHttpHeaders.html (Click here) 
&nbsp;  
&nbsp; Aaron

hoolio · Answer

I'd guess the app is sending a redirect to http://... not https://.  You'd see this in the Location header of the 30x redirect.  If that's the case, you can rewrite the redirect to https:// using a custom HTTP profile with rewrite redirects enabled.  Check the online help in the GUI for the HTTP profile for details. 
&nbsp;  
&nbsp; Aaron

bala_7975 · Answer

When the request is blocked by the web application firewall, the WAF sends a redirect to this HTTPS and not HTTP. This page resides on one of the web servers. 
&nbsp;  
&nbsp; Thanks 
&nbsp; Bala

hoolio · Answer

I think it would be helpful to use a browser plugin and an iRule which logs the request and response headers to see exactly what's happening. 
&nbsp;  
&nbsp; Aaron

bala_7975 · Answer

I haven’t still unable to resolve this issue! 
&nbsp;  
&nbsp; The Web Application Firewall (WAF) blocks the malicious http request and it replies on the same TCP stream with a 302 redirection response to a https://Error_404.htm  error page on one of the web servers. This response is not arriving properly to the client because; it’s being blocked by the intermediate Big-IP.  
&nbsp;  
&nbsp; Client -&gt; Big-IP -&gt; WAF -&gt; Web Servers 
&nbsp;  
&nbsp; Please can someone help me to resolve this issue? 
&nbsp;  
&nbsp; Thank you 
&nbsp; Bala &nbsp;

Forum Discussion

BigIP not passing the 302-redirect through

6 Replies

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

TLS handshake failure from BIG-IP to backend – Fatal Alert: Decode Error (Server SSL)

Failing over Virtual F5 VE to DR location using Zerto

Failing over of a Virtual F5 configuration to another location using Zerto restore process

F5 Networks F5CAB1 Exam - Need Help Regarding Prep

Username is not filled in EdgeClient in the Modern customization

Related Content

Passing Arguments to iCall Scripts

Rewrite HTTP redirect 301 to 302

Free Passes to AppWorld 2025 – First Come, First Served!

ProxyPass 302 redirect possible?

WSS LTM not passing data correctly

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS