Forum Discussion
NimbostratusPort Translation/Irule query
Hello Team,
My VS is listening to port no.80 and backend servers are listening on port no.443. Port translation is enabled.
Do I need to use the irule to redirect the HTTP request on VS to HTTPS page "OR" Port translation is sufficient and no iRule is required here?
Let me know.
Thanks,
Dayesh
Kapil_aks1_3784You don't have to use iRule to redirect from http to https. Port translation will do it. however you will have to use serverssl profile to allow encrypted session between F5 and server.
This is my thinking not sure F5 experts thinks elsewise.
Dayesh_263997Thanks Kapil.
Completely understand the prerequisites of the profiles.
I need experts to confirm if port translation would do the redirect and no irule will be required.
Thanks
Dayesh
iaineNacreous
Hi - Port translation is sufficient for PAT to work from port 80 to 443. As mentioned above, if the serverside connection is encrypted for the 443 traffic then you'll need a serverssl profile configured.
If you wanted your clients to connect on 443 rather than 80, then you would need the redirect irule to switch the clientside connection to 443
- Dayesh_263997
Thanks Iaine.
If I wanted my client to connect on 443 instead of 80, that would require a whole new virtual server configuration altogether along with the client side SSL profile.
Irule would redirect the traffic from port 80 towards VS listening on port 443...isn't it?
Let me know if you think otherwise.
Thanks,
Dayesh
Kapil_aks1You don't have to use iRule to redirect from http to https. Port translation will do it. however you will have to use serverssl profile to allow encrypted session between F5 and server.
This is my thinking not sure F5 experts thinks elsewise.
- Dayesh_263997
Thanks Kapil.
Completely understand the prerequisites of the profiles.
I need experts to confirm if port translation would do the redirect and no irule will be required.
Thanks
Dayesh
- iaine
Hi - Port translation is sufficient for PAT to work from port 80 to 443. As mentioned above, if the serverside connection is encrypted for the 443 traffic then you'll need a serverssl profile configured.
If you wanted your clients to connect on 443 rather than 80, then you would need the redirect irule to switch the clientside connection to 443
- Dayesh_263997
Thanks Iaine.
If I wanted my client to connect on 443 instead of 80, that would require a whole new virtual server configuration altogether along with the client side SSL profile.
Irule would redirect the traffic from port 80 towards VS listening on port 443...isn't it?
Let me know if you think otherwise.
Thanks,
Dayesh