Forum Discussion
NimbostratusIrule for Multiple Redirection
Hi,
I have the below requirement. If user access any of the below mention link it should redirect accordingly.
I have created one VIP
https://192.168.206.23
https://test1.abc.com https://ebsdmzuat.abc.com:8060/OA_HTML/IrcVisitor.jsp
https://test2.abc.com http://ebsdmzuat.abc.com:8060/OA_HTML/jsp/pos/suppreg/SupplierRegister.jsp
https://test3.abc.com http://ebsdmzuat.abc.com:8060
https://test4.abc.com - http://ebsdmzuat.abc.com:8060
=========
I am trying the below irule but it is not working
when HTTP_REQUEST { if { [string tolower [HTTP::uri]] starts_with "/ircuat.abc.com" } { HTTP::respond 301 Location "http://ebsdmzuat.abc.com:8060/OA_HTML/IrcVisitor.jsp[HTTP::uri]" } } elseif { [string tolower [HTTP::uri]] starts_with "https://jobsuat.abc.com" } { HTTP::respond 301 Location "http://ebsdmzuat.abc.com:8060/OA_HTML/IrcVisitor.jsp[HTTP::uri]" } }
need assistance on this.
5 Replies
Wasim_Hassan_13All the above URL are hosted on two servers located in single Pool.
forsanAltostratus
Hi,
look at this example: https://devcentral.f5.com/questions/need-irule-for-301-redirection
Maybe try something like this?
when HTTP_REQUEST { switch -glob [string tolower [HTTP::host]] { "test1.abc.com" { HTTP::respond 301 Location "https://ebsdmzuat.abc.com:8060/OA_HTML/IrcVisitor.jsp" } "test2.abc.com" { HTTP::respond 301 Location "http://ebsdmzuat.abc.com:8060/OA_HTML/jsp/pos/suppreg/SupplierRegister.jsp" } "test3.abc.com" { HTTP::respond 301 Location "http://ebsdmzuat.abc.com:8060" } "test4.abc.com" { HTTP::respond 301 Location "http://ebsdmzuat.abc.com:8060" } } }Regards
- Wasim_Hassan_13
Hi,
Thanks for the reply but i want to give user
https://test1.abc.com https://test2.abc.com
and want to do ssl offload using F5 self signed certificate
http://ebsdmzuat.enoc.com:8060/OA_HTML/IrcVisitor.jsp
http://ebsdmzuat.enoc.com:8060/OA_HTML/jsp/pos/suppreg/SupplierRegister.jsp
I have recall the client/Server SSL profile and but still it is not working. My current irule is look like that
when HTTP_REQUEST { switch -glob [string tolower [HTTP::host]] { "ircuat.abc.com" { HTTP::respond 301 Location "https://ebsdmzuat.abc.com:8060/OA_HTML/IrcVisitor.jsp" } "isupuat.abc.com" { HTTP::respond 301 Location "https://ebsdmzuat.abc.com:8060/OA_HTML/jsp/pos/suppreg/SupplierRegister.jsp" } "ircvuat.abc.com" { HTTP::respond 301 Location "https://ebsdmzuat.abc.com:8060" } "iprcuat.abc.com" { HTTP::respond 301 Location "https://ebsdmzuat.abc.com:8060" } "ebsdmzuat.abc.com" { HTTP::respond 301 Location "https://ebsdmzuat.abc.com:8060/OA_HTML/AppsLogin" } } }
Please let me know how we can do this. I have gone through multiple online doc and created the self signed certificate in F5 but i think my irule is not proper.
only HTTP is working fine but when I am using HTTPS nothing is happpening.
- forsanHi, can you post your VIP and SSL profile configuration?
- Wasim_Hassan_13
hi,
please see the below
list ltm profile ltm profile client-ssl ENOC_CLIENT_SSL { alert-timeout 10 allow-non-ssl disabled app-service none cache-size 262144 cache-timeout 3600 cert /Common/ENOC_SSL.crt chain none ciphers DEFAULT defaults-from /Common/clientssl handshake-timeout 10 key /Common/ENOC_SSL.key mod-ssl-methods disabled options { dont-insert-empty-fragments } proxy-ssl disabled renegotiate-max-record-delay indefinite renegotiate-period indefinite renegotiate-size indefinite renegotiation enabled secure-renegotiation require server-name none session-ticket disabled sni-default false sni-require false strict-resume disabled unclean-shutdown enabled
}ltm virtual VS_TEST { destination 192.168.206.24:any ip-protocol tcp mask 255.255.255.255 partition PRPRDWEBDMZ persist { ENOC_PRDWEB_STICKY { default yes } } pool TEST_POOL profiles { /Common/tcp { } ENOC_CLIENT_SSL { context clientside } PRE-PROD-WEB-DMZ-Profile { } } rules { NEW_TEST } source 0.0.0.0/0 source-address-translation { type automap } translate-port disabled vs-index 140 }
