Forum Discussion

Remco's avatar
Remco
Icon for Nimbostratus rankNimbostratus
Nov 03, 2011

Redirecting http request to external url via proxy

Hi,     we are using F5 load balancers for our Internet environment. There is now a requirement during customer login to download a trojan detection script at an external company. But for the cl...
application delivery
dev
devops
iRules
Kurt_Knochner_5's avatar
Kurt_Knochner_5
Icon for Cirrus rankCirrus
Nov 03, 2011
The proxies have been setup in transparent mode for SSL traffic, so they should not be involved in the SSL process. I think my biggest problem is getting the F5 to use a HTTP CONNECT method instead of the standard GET.

 

 

If the proxies really do work in transparent mode for SSL you won't need the CONNECT method. CONNECT is only used by HTTP clients when they know about the proxy. In transparent mode the clients don't know there is a proxy and they will just try to connect directly to the target, by issuing a tcp connection to server:443.

 

 

So, your ssl server profile should work out of the box.

 

 

Let's assume the SSL connection works, then you still need to do this:

 

 

1.) Rewrite the URI to the location of the script "[HTTP::uri]"

 

 

2.) Rewrite the HOST header "[HTTP::header Host] replace", otherwise the target server might not accept the request.

 

 

Regards

 

Kurt Knochner