Forum Discussion
alex100_194614
Nimbostratus
NimbostratusProblem with stream iRule and SAML idp redirect
Running into following issue here. We have a sharepoint site with web servers listening on some high port and using internal hostname. On the SharePoint virtual server I am applying fallowing iRule t...
Hi Alex,
For for the VIP targeting VIP solution to get around APM-Stream Profile conflicts, below is a basic view of what the config would look like:
ltm virtual vs_external { destination 1.1.1.1:443 ip-protocol tcp mask 255.255.255.255 profiles { clientssl_profile { context clientside } stream_profile { } http { } tcp { } } rules { forward_internal_virtual saml_stream_expression } } ltm virtual vs_internal { destination 2.2.2.2:80 enabled ip-protocol tcp mask 255.255.255.255 profiles { example_accesspolicy { } http { } rba { } tcp { } websso { } } } ltm rule forward_internal_virtual { when HTTP_REQUEST { virtual vs_internal } }
Andrew_4752
Altostratus
AltostratusHi Alex,
For for the VIP targeting VIP solution to get around APM-Stream Profile conflicts, below is a basic view of what the config would look like:
ltm virtual vs_external {
destination 1.1.1.1:443
ip-protocol tcp
mask 255.255.255.255
profiles {
clientssl_profile {
context clientside
}
stream_profile { }
http { }
tcp { }
}
rules {
forward_internal_virtual
saml_stream_expression
}
}
ltm virtual vs_internal {
destination 2.2.2.2:80
enabled
ip-protocol tcp
mask 255.255.255.255
profiles {
example_accesspolicy { }
http { }
rba { }
tcp { }
websso { }
}
}
ltm rule forward_internal_virtual {
when HTTP_REQUEST {
virtual vs_internal
}
}
alex100_194614Nimbostratus
NimbostratusAndrew,
Thanks for the advice. I was able to work around with layered virtual server. It seems like an old bug known for ages. Everything worked out at the end.
