Forum Discussion
_33_113201
Nimbostratus
Nimbostratushttp profile wont work with no SSL offloading configrued ?
hello all,
I have a website with no SSL offloading configured,
how ever if I add a http profile to the VIP, my website does not work, I remove the http profile and it starts working, why is this ?
thx,
4 Replies
L4L7_53191I'm not clear what the situation here is, but I assume that you're referring to SSL enabled web servers behind the BigIP and you're not offloading - instead, you're passing through to the back end.
If this is the case, your issue is because the HTTP profile expects to be able to see the layer 7 protocol information (i.e. HTTP). If you're not terminating SSL the system can't see this traffic because it's encrypted.
-Matt
_33_113201ok.,
is there any way to apply an irule on a VIP were no SSL offloading is configured. I jsut want to apply a Irule like
this
when HTTP_REQUEST {
if { (not ([matchclass [IP::client_addr] equals [$::internal-ips]]) } {
discard
}
}
just lock down based on IP- L4L7_53191Yep, for Layer 4 stuff you'll be fine. Have a look at this:
http://devcentral.f5.com/wiki/default.aspx/iRules/AccessControlBasedOnIP.html for a basic example
or this:
http://devcentral.f5.com/wiki/default.aspx/iRules/AccessControlBasedOnNetworkOrHost.html for a more complete example.
-Matt - _33_113201thanks,
that worked great,
