Looking to utilize LTM to handle traffic within a domain that wasn't configured following best practices. Currently, the active directory domain and the primary website share the same domain name. Clients have historically reached the website via a "www" cname but this cname needs to be removed for SEO purposes. The cname was removed from external DNS for clients connecting via the WAN. I would like to duplicate this behavior for LAN clients without placing a reverse proxy web server on the domain controllers and need an option that will perform more reliably than adding a netsh portproxy rule to handle port 80 and 443 traffic. How can I configure the LTM so that active directory LAN client traffic destined for "ourdomainname.com" reaches our active directory servers and LAN client traffic via ports 80 and 443 destined for "ourdomainname.com" is directed to the web servers IP address?

Hi Roger, That sounds like an interesting problem you've got there ;) Let me give it is a stab, but please shout if I've completely misunderstood your question. For the moment, I'm assuming you get the AD traffic over ports 389/636 or similar? (i.e. AD specific ports?) And anyone who resolves the DNS name "ourdomainname.com" always ends up with the same IP, irrespective of the service they are interested in? If so, you can set up multiple virtual servers on the same IP address, but with different port numbers. VS1: 1.1.1.1:389 - pool: AD-pool VS1: 1.1.1.1:636 - pool: AD-pool (alternatively, create a port list to reduce the number of virtual servers required)VS1: 1.1.1.1:80 - pool: Web-ServersVS1: 1.1.1.1:443 - pool: Web-Servers (probably with SSL offload) As long as you don't have any with the same IP and same port, these virtual servers will work nicely together. Hope this helps.

F5-LTM active directory and http/s

Forum Discussion

Recent Discussions

Errors with AS3 3.56.0 with F5 17.5.1.6
May 11, 2026
Juergen_Mang
f5 r5600 appliance issue with adding trunk to vlan
May 11, 2026
kbk4912
SSL Forward Proxy, iRules and Client Hello
May 11, 2026
kuroki
F5 ASM/AWAF – violations logged but no learning suggestions generated
May 09, 2026
A_hassanein
F5 VELOS Backplane Inter-Tenants Communication
May 09, 2026
Saad_Deif

Forum Discussion

AppWorld Berlin 2026 – iRules Contest Winning Results

One Quick Step to Make your website AI-Agent/MCP Ready with an iRule

IPv8 Would Fix My Routing Tables. It Will Never Ship.

Recent Discussions

Errors with AS3 3.56.0 with F5 17.5.1.6

f5 r5600 appliance issue with adding trunk to vlan

SSL Forward Proxy, iRules and Client Hello

F5 ASM/AWAF – violations logged but no learning suggestions generated

F5 VELOS Backplane Inter-Tenants Communication

Related Content

Azure Active Directory and BIG-IP APM Integration

The State Of HTTP/2 Full Proxy With F5 LTM

Complete MFA solution with GA stored in Active Directory

Remote Authorization via Active Directory

Enabling Azure Active Directory Tenant Restrictions with F5