Forum Discussion

TWSS_18275's avatar
TWSS_18275
Icon for Nimbostratus rankNimbostratus
Apr 22, 2008

SSL / Non-SSL Same VIP

I would like to have one VIP that can handle both secure and non-secure traffic. I have found and implemented the rule at: http://devcentral.f5.com/wiki/default.aspx/iRules/HttpHttpsSingleVirtualServ...
application delivery
dev
devops
iRules
hoolio's avatar
hoolio
Icon for Cirrostratus rankCirrostratus
Apr 22, 2008
Hi,

 

 

What are you trying to do with the https pool? Do you want/need to have HTTPS requests sent to an HTTPS pool? The Codeshare example was designed to use a single HTTP pool. You could specify an HTTPS pool in the rule using the pool command (Click here). You'd need to add a server SSL profile to the VIP and disable that in addition to the client SSL profile for HTTP requests.

 

 

With two different pools, the cookie persistence profile would no longer work as it does with one pool, as the pool definition (and persistence value in the cookie) would change the client goes from HTTP to HTTPS. I suppose you could use a single pool to do the member selection (and persistence) and then set the port using the node command (Click here) in the LB_SELECTED event. I'm not 100% sure on this methodology though.

 

 

Aaron