Forum Discussion
vineyard_166933
Nimbostratus
NimbostratusPublish websites with redirect
Hi, would like some help making existing TMG configuration work on LTM instead.
It's not very complex so we hope somebody could get us started.
In TMG we have 2 rules for a website with an IP A...
nitass
Employee
Employee1) we want to rewrite external url to internal server like https://page.something.com --> server.domain.local this works ok. SSL offloading here also.
config
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm virtual bar
ltm virtual bar {
destination 172.28.24.10:443
ip-protocol tcp
mask 255.255.255.255
pool foo
profiles {
clientssl {
context clientside
}
http { }
tcp { }
}
rules {
qux
}
source 0.0.0.0/0
source-address-translation {
type automap
}
vs-index 70
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm pool foo
ltm pool foo {
members {
200.200.200.101:80 {
address 200.200.200.101
}
}
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm data-group internal location_map
ltm data-group internal location_map {
records {
http://shortname1/ {
data https://pagesomething.com/
}
http://shortname2/ {
data https://pagesomething.com/
}
}
type string
}
root@(ve11a)(cfg-sync In Sync)(Active)(/Common)(tmos) list ltm rule qux
ltm rule qux {
when HTTP_REQUEST {
if { [HTTP::host] equals "page.something.com" } {
HTTP::header replace Host "server.domain.local"
}
}
when HTTP_RESPONSE {
switch [HTTP::status] {
301 -
302 {
if { [class match -- [HTTP::header Location] starts_with location_map] } {
set mapl [class match -element [HTTP::header Location] starts_with location_map]
HTTP::header replace Location [string map $mapl [HTTP::header Location]]
}
}
}
}
}
request
1 10 1408801818.6717 (0.0007) C>SV3.1(192) application_data
---------------------------------------------------------------
GET / HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
Host: page.something.com
---------------------------------------------------------------
New TCP connection 2: 200.200.200.14(39311) - 200.200.200.101(80)
1408801818.6892 (0.0163) C>S
---------------------------------------------------------------
GET / HTTP/1.1
User-Agent: curl/7.15.5 (i686-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
Accept: */*
Host: server.domain.local
---------------------------------------------------------------
2) the server redirects to another location so the url sent back to client is something like: shortname/uri&somestaticinfo then againt to shortname2/uri&somesticinfo (which is not in dns)
Would it be correct to rewrite the http_response again with a datagroup of perhaps: shortname1 (80) --> https://pagesomething.com/uri&someinfo. (443) response
1408801840.1118 (0.0724) S>C
---------------------------------------------------------------
HTTP/1.1 302 Found
Date: Sat, 23 Aug 2014 13:37:55 GMT
Server: Apache/2.2.3 (CentOS)
Location: http://shortname1/uri&somestaticinfo
Content-Type: text/html; charset=iso-8859-1
---------------------------------------------------------------
1 11 1408801840.1125 (0.0752) S>CV3.1(224) application_data
---------------------------------------------------------------
HTTP/1.1 302 Found
Date: Sat, 23 Aug 2014 13:37:55 GMT
Server: Apache/2.2.3 (CentOS)
Location: https://pagesomething.com/uri&somestaticinfo
Content-Type: text/html; charset=iso-8859-1
---------------------------------------------------------------