For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Vishakh_Krishna's avatar
Vishakh_Krishna
Icon for Nimbostratus rankNimbostratus
Sep 17, 2014

Irule request to redirect Standard HTTPS traffic to Non Standard HTTPS port.

Dear Team, We have a request to publish a HTTPS server using F5. Server is listening to HTTPS traffic on port 9804. https://10.10.175.132:9804/analytics (this is the URL for accessing the server). Certificate is installed on Server which will do Authentication and encryption. My requirement is whenever users try to give the URL https://10.10.175.132 (this is the virtual Server IP configured on F5), It should redirect the traffic to the server pool listening to 9804.

 

Please do the needful. Thanks, Vishakh

 

application delivery
BIG-IP Access Policy Manager (APM)
devops
iRules
LTM
management
security

1 Reply

  • Kevin_Stewart's avatar
    Kevin_Stewart
    Icon for Employee rankEmployee
    Sep 17, 2014

    Redirection is generally an HTTP term, which would also imply that the F5 could see the decrypted layer 7 traffic and issue an HTTP redirect. In lieu of that, it's not generally possible to issue a redirect to a client if the F5 is not offloading the SSL. ProxySSL, the SSL man-in-the-middle feature wouldn't work here because there'd be no port 443 server endpoint for the client to establish an SSL session with. You may necessarily have to simply forward the traffic and do port translation inbound. This is where the pool defines your port 9804 resources, and you ensure that port translation is enabled in the virtual server config. Client side port 443 traffic will be translated to port 9804 to the server(s).