Forum Discussion

alex100_194614's avatar
alex100_194614
Icon for Nimbostratus rankNimbostratus
Mar 03, 2016

Problem with stream iRule and SAML idp redirect

Running into following issue here. We have a sharepoint site with web servers listening on some high port and using internal hostname. On the SharePoint virtual server I am applying fallowing iRule t...
  • Andrew_4752's avatar
    Mar 03, 2016

    Hi Alex,

    For for the VIP targeting VIP solution to get around APM-Stream Profile conflicts, below is a basic view of what the config would look like:

    ltm virtual vs_external {
    destination 1.1.1.1:443
    ip-protocol tcp
    mask 255.255.255.255
    profiles {
        clientssl_profile {
            context clientside
        }
        stream_profile { }
        http { }
        tcp { }
    }
    rules {
        forward_internal_virtual
        saml_stream_expression
      }
    }
    ltm virtual vs_internal {
    destination 2.2.2.2:80
    enabled
    ip-protocol tcp
    mask 255.255.255.255
    profiles {
        example_accesspolicy { }
        http { }
        rba { }
        tcp { }
        websso { }
    }
    }
    ltm rule forward_internal_virtual {
    when HTTP_REQUEST {
    virtual vs_internal
    }
    }