Forum Discussion
Billy_10041
Nimbostratus
Nimbostratushelp converting Apache Vhost to irule
NameVirtualHost 192.168.0.98:80
NameVirtualHost 192.168.0.98:443
ServerName test.abc.com
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/(...
Kevin_Stewart
Employee
EmployeeThere are a couple of things to cover here:
First, you need two virtual servers. Create a port 80 virtual server for IP 192.168.0.98, add a generic HTTP profile, and then add the built-in _sys_https_redirect iRule. This iRule will automatically redirect all incoming port 80 (http://) requests to https://. You then need a port 443 virtual server for IP 192.168.0.98, add an HTTP profile, your client SSL profile (to allow you to terminate the client side SSL), server SSL profile (it appears you're passing traffic to another SSL server so you'll want to re-encrypt), a SNAT profile as required, and any other profiles as required. Also create two pools. The first pool would be for the service at 192.168.2.82:443. I'm assuming that's the default pool, so assign that pool to the virtual server. The second pool is for the service at 192.168.2.82.8382 (also SSL) - I'll call that "sso_pool".
Then you just need an iRule to switch pools based on the request URI. Something like this:
when CLIENT_ACCEPTED {
set default_pool [LB::server pool]
}
when HTTP_REQUEST {
if { [string tolower [HTTP::uri]] starts_with "/sso" } {
pool sso_pool
} else {
pool default_pool
}
}
If you need anything more elaborate than that, then I'd recommend looking at the ProxyPass iRule.
