Forum Discussion

Kenny_Van_73892
Jun 29, 2005

direct ssl traffic to specified member within a pool by irule?

I have a situation and need some advice.

Let's say I have a pool called Webpool and it contains 10.10.0.1, 10.10.0.2, 10.10.0.3. The 10.10.0.1 and 10.10.0.2 host non-secure content that is for common users, while the 10.10.0.3 hosts secured content that is for admin access only. Can I write an iRule that directs http traffic to 10.10.0.1 and 10.10.0.2 and https traffic to 10.10.0.3?

Let's say admin is a URI.

Thanks in advance.

3 Replies

  • bknotwell_12713
    Historic F5 Account
    Hi Kenny--

    Unless I don't understand what you want, you're making your life harder than necessary. Something like the following ought to be adequate:

    o create a pool containing 10.10.0.1 and 10.10.0.2

    o create a virtual server on port 80 that references that pool. NB: for extra credit, you create a rule that discards all requests to the admin uri (assumption: the webservers will respond to requests for that uri. If they don't, you're fine with the pool).

    o create a pool containing 10.10.0.3

    o create a virtual server (same address as before if you'd like) on port 43 that references that pool. If necessary (and directly on-topic), you could then create a class of allowed ip addresses and use a rule to ensure connections to that virtual server only come from approved* addresses while discarding all other requests.

    *see the documentation on classes, the "one of" operator, and the client_addr operand.

    Good luck!
  • Thanks. I didn't know that I can use the same virtual IP and point to different pools.
  • bknotwell_12713
    Historic F5 Account
    You're welcome!

    And two clarifications:

    1) I meant to write port 443 (not port 43).

    2) It's two separate virtual servers. They just both use the same IP address on different ports.

    Good luck!
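
The two rules suggested in the replies above, sketched as an added example that is not part of the original thread and not F5's own code. It uses the later event-based iRule syntax (`when ... { }`, `class match`) rather than the "one of" / client_addr form the reply refers to. Assumptions: the admin content lives under `/admin`, and `admin_allowed_addrs` is a hypothetical address-type data group (class) holding the approved client addresses.

```tcl
# iRule 1 (added example): attach to the port 80 virtual server whose pool
# contains 10.10.0.1 and 10.10.0.2. It discards any request for the admin
# URI so admin pages are never served over plain HTTP.
# Assumption: admin content is rooted at /admin.
when HTTP_REQUEST {
    # Decode percent-escapes and lower-case the path first, so variants
    # such as /Admin or /%61dmin are compared in the same form.
    set path [string tolower [URI::decode [HTTP::path]]]
    if { $path equals "/admin" or $path starts_with "/admin/" } {
        log local0. "admin URI requested on port 80 by [IP::client_addr], dropped"
        drop
        return
    }
}

# iRule 2 (added example): attach to the port 443 virtual server whose pool
# contains only 10.10.0.3. Connections are accepted only from addresses in
# the data group; everything else is discarded before any request is read.
# Assumption: admin_allowed_addrs is a hypothetical address data group.
when CLIENT_ACCEPTED {
    if { not [class match [IP::client_addr] equals admin_allowed_addrs] } {
        log local0. "admin virtual server: [IP::client_addr] not in allow list, dropped"
        drop
        return
    }
}
```

Because the second rule drops anything that does not match, an address missing from the data group is denied by default; the allow list has to be populated before the rule is attached.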