I'm new at this and I trying to redirect an https (443) request to an Apache/Tomcat server with the url of . When I try to connect to it with I get an error. Please assist. Thanks!

what is url user sends to https virtual server? where is the apache/tomcat? is it pool member of the https virtual server or is it external server? what url do you want to send to it?

The https request goes to a virtual server and then to apache/tomcat. The virtual server is working fine and can see the apache/tomcat. I can connect dircetly to the apache/tomcat using but if I try to connect using that is where my problem lies. I need to have an iRule that when a request comes in to direct it specfically to site.html. Thx for the response!

not sure if i understand correctly. e.g. [root@ve10:Active] config b virtual bar list virtual bar { snat automap pool foo destination 172.28.19.79:443 ip protocol 6 rules myrule profiles { clientssl { clientside } http {} tcp {} } } [root@ve10:Active] config b pool foo list pool foo { members 200.200.200.101:8080 {} } [root@ve10:Active] config b rule myrule list rule myrule { when HTTP_REQUEST { if {[HTTP::uri] eq "/"} { HTTP::uri "/site.html" } } } [root@ve10:Active] config ssldump -Aed -nni 0.0 port 443 or port 8080 -k /config/ssl/ssl.key/default.key New TCP connection 1: 172.28.19.251(39545) <-> 172.28.19.79(443) 1 1 1345486212.2547 (0.0101) C>S SSLv2 compatible client hello 1 2 1345486212.2547 (0.0000) S>CV3.1(81) Handshake 1 3 1345486212.2547 (0.0000) S>CV3.1(953) Handshake 1 4 1345486212.2547 (0.0000) S>CV3.1(4) Handshake 1 5 1345486212.2565 (0.0017) C>SV3.1(262) Handshake 1 6 1345486212.2565 (0.0000) C>SV3.1(1) ChangeCipherSpec 1 7 1345486212.2565 (0.0000) C>SV3.1(36) Handshake 1 8 1345486212.2816 (0.0251) S>CV3.1(1) ChangeCipherSpec 1 9 1345486212.2816 (0.0000) S>CV3.1(36) Handshake 1 10 1345486212.2836 (0.0019) C>SV3.1(175) application_data --------------------------------------------------------------- HEAD / HTTP/1.1 User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 Host: 172.28.19.79 Accept: */* --------------------------------------------------------------- New TCP connection 2: 200.200.200.10(39545) <-> 200.200.200.101(8080) 1345486212.2845 (0.0007) C>S --------------------------------------------------------------- HEAD /site.html HTTP/1.1 User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5 Host: 172.28.19.79 Accept: */* ---------------------------------------------------------------

The frontend site is https://something.something.com which is to the virtual server, which is then supposed to forward to http://host:8080/site.html. Our problem is getting to the /site.html part. Thx!

You can create a iRule that does the following like Nitass sates when HTTP_REQUEST { if { [HTTP::uri] equals "/" } { HTTP::uri "/site.html" } The iRule when then cause the URI to to the server to be /site.html. Now if you want you change change it to a full redirect this will force the customer URI to change so if they bookmark the site it will be correct. HTTP::redirect "http://[HTTP::host]:8080:/site.html or HTTP::redirect "https://[HTTP::host]/site.html

iRule to redirect | DevCentral

Al_3585
Nimbostratus
Aug 22, 2012
login as: admin

Using keyboard-interactive authentication.

Password:

Last login: Tue Aug 21 15:20:31 2012 from xxx.xx.100.252

[admin@:Active] ~ b virtual apache-https-vs list

virtual apache-https-vs {

pool apache-http-pool

fallback persist apache-source

destination xxx.xx.100.195:https

ip protocol tcp

persist apache-cookie

profiles {

apache-clientssl {

clientside

}

apache-http-opt {}

apache-oneconnect {}

apache-tcp-lan {

serverside

}

apache-tcp-wan {

clientside

}

}

}

[admin@:Active] ~

[admin@:Active] ~ b pool apache-http-pool list

pool apache-http-pool {

lb method member observed

slow ramp time 30

monitor all apache-http-monitor

members xxx.xx.109.26:webcache {}

}

[admin@:Active] ~

[admin@:Active] ~ b rule apache-httptohttps list

rule apache-httptohttps {

when HTTP_REQUEST {

HTTP::redirect ]

}

}

[admin@:Active] ~

Thx!
nitass
Employee
Aug 22, 2012
is apache-httptohttps irule we are working on??
smp_86112
Cirrostratus
Aug 22, 2012
I'm sorry, but I'm still confused about this. If you hit http://host:8080 or http://host:8080/site.html with a browser, that bypasses the apache-https-vs VIP entirely, and no iRule is going to fire. You need to be hitting https://xxx.xx.100.195 so the request hits the VIP, and then the iRule applied to the apache-https-vs VIP can be fired.
Al_3585
Nimbostratus
Aug 22, 2012
Sorry for the confusion. We are trying to hit through with the VIP, i.e. client --->https--->BIGIP (VIP) --->http://site:8080/site.html. We can hit the web site if we don't go through the BigIP. All indicators are green. Thx!

nitass

Employee

Aug 25, 2012

can you try this irule?

[root@ve10:Active] config  b virtual bar list
virtual bar {
   snat automap
   pool foo
   destination 172.28.19.79:443
   ip protocol 6
   rules myrule
   profiles {
      clientssl {
         clientside
      }
      http {}
      tcp {}
   }
}
[root@ve10:Active] config  b pool foo list
pool foo {
   members 200.200.200.101:8080 {}
}
[root@ve10:Active] config  b rule myrule list
rule myrule {
   when HTTP_REQUEST {
   if {[HTTP::uri] equals "/"} {
      HTTP::uri "/site.html"
   }
   HTTP::header replace Host "[HTTP::host]:8080"
}
}

[root@ve10:Active] config  ssldump -Aed -nni 0.0 port 443 or port 8080 -k /config/ssl/ssl.key/default.key
New TCP connection 1: 172.28.19.251(40302) <-> 172.28.19.79(443)
1 1  1345879460.5096 (0.0141)  C>S SSLv2 compatible client hello
1 2  1345879460.5097 (0.0000)  S>CV3.1(81)  Handshake
1 3  1345879460.5097 (0.0000)  S>CV3.1(953)  Handshake
1 4  1345879460.5097 (0.0000)  S>CV3.1(4)  Handshake
1 5  1345879460.5116 (0.0018)  C>SV3.1(262)  Handshake
1 6  1345879460.5116 (0.0000)  C>SV3.1(1)  ChangeCipherSpec
1 7  1345879460.5116 (0.0000)  C>SV3.1(36)  Handshake
1 8  1345879460.5243 (0.0126)  S>CV3.1(1)  ChangeCipherSpec
1 9  1345879460.5243 (0.0000)  S>CV3.1(36)  Handshake
1 10 1345879460.5256 (0.0013)  C>SV3.1(167)  application_data
    ---------------------------------------------------------------
    HEAD / HTTP/1.1
    User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
    Accept: */*
    Host: site

    ---------------------------------------------------------------
New TCP connection 2: 200.200.200.10(40302) <-> 200.200.200.101(8080)
1345879469.9335 (9.4077)  C>S
---------------------------------------------------------------
HEAD /site.html HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
Host: site:8080

---------------------------------------------------------------

Forum Discussion

iRule to redirect

Recent Discussions

APM RDP custom parameters

Reporting Help Needed

Switch ssl profile based on weak cipher detection via IRULE

F5 looses the token for the first call

iRule - Url rewrite and header replace and pool selection not working

Related Content

iRule assistance for subfolder redirect

Simple HTTP::redirect iRule results in a reset

HTTP::redirect doesn't work for multiple conditions, URL redirect doesn't work using iRule

Need Irule for redirection for port translation

Create iRule 404 Page redirect

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS