For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Infinity05_1794's avatar
Infinity05_1794
Icon for Nimbostratus rankNimbostratus
Aug 24, 2010

Directing traffic based on port

Here's my issue, I have a GTM -> LTM setup and I need to allow both port 80 and 443 (ssl) traffic to a server. I wasn't sure what the best way to do this so I created two VIP on the LTM, one designe...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Oct 07, 2010
Hi,

Are you decrypting the SSL on LTM? If so, separate LTM virtual servers for HTTP and HTTPS would be the simplest. Else, you can create a single virtual server and pool both on port 0. You can then use a simple iRule or packet filters to restrict access to ports other than 80 and 443: 


when CLIENT_ACCEPTED {

    Check the requested port
   switch [TCP::local_port] {
      80 -
      443 {
          Do nothing. Default is to allow the request through to the pool
      }
      default {
          Drop the connection
         drop
      }
   }
}

Aaron