Forum Discussion
redirect by userid w/ ftp pool
I have a pool of ftp servers. I already have an irule directing inbound traffic to specific servers based on source IP. My customer has asked if I can direct incoming ftp based on userid. I said no to normal interactive command line ftp since the connection is made before the user enters in the userid / password. now the question is would it work via a browser...example...ftp://username:password@ftpsite.company.com
I tried appending the lines below to my existing irule and I actually locked all incoming sessions to the pool and had to failover to my backup and reboot. I'm running 4.6.2.
Is this possible with ftp, and if so, do I have the correct code below
else if (tcp_content contains "userid") {
use pool specific-ftpserver-pool
}
else {
use pool generic-ftpserver-pool
}
2 Replies
- Frank,
even in the case of FTP access from a browser, the connection to the FTP server has to be first established in order to be able to authenticate. The browser does not send anything until the server sends proper FTP server banner (220 ...).
Morevover, in v 4.x (any version) FTP virtual servers cannot utilize L7 iRules (i.e. rules parsing TCP content). or in other words, FTP virtual servers cannot be late-binding.Such configuration is (unfortunately) accepted both in CLI and GUI, but it does not (and cannot) work correctly. - Oh Well...The feedback I'd received from some other F5 resources in the past matched your response, but wasn't very detailed as to why. I just needed to get a definitive answer to forward up the chain.
Thanks for the quick response !
