Hw to use Irule to redirect 443 req to8080

Hi Arun,

 

 

If you define the VIP on the port you want clients to connect to and define the pool members on the ports you want LTM to connect to them on and leave port translation enabled (as it is by default) you don't need an iRule. If you also want LTM to decrypt the client side traffic you'll want to import the SSL cert and key, create a client SSL profile and add it to the VIP. If you want LTM to re-encrypt the server side connection, you would add a server SSL profile as well. The LTM configuration guide on AskF5 has details on these options.

 

 

Aaron

Hi,

 

I have the client SSL on the VIP and everything works fine for https://10.10.30.45 and selecting its pools.

 

 

Another request from servr team had come. saying that they need to use the same client cretificate and for a diff port on vip and pool.

 

 

So,can we write redirect rule on https://10.10.30.45 as when a request with host https://10.10.30.45:8080 comes redirect to pool(30.20.40.2:8080,30.20.40.3:8080)

Couldn't you configure two separate VIPs for this?

 

 

VIP1: 10.10.30.45:443 -> Pool1: 30.20.40.2:80, 30.20.40.3:80

 

VIP2: 10.10.30.45:8080 -> Pool2: 30.20.40.2:8080, 30.20.40.3:8080

 

 

If both require client side SSL you could add the same client SSL profile to each VIP.

 

 

I'm not sure whether you actually want to reply to some requests with a redirect. Can you elaborate on this?

 

 

Aaron