Urgent, please help to check why this irule didn't work

Hi Aaron,

 

 

Many Thanks for your prompt reply, it relly help. Now There is no problem with rule syntax, but seems Bigip prevent the port 80 traffic to and from CSG, Here are my observations:

 

1. Using the existing rule traffic for www.gmail.com wotks fine.I can see it going to and coming from CSG.

 

2. Traffic for anything other than port 80 works fine .I mean it goes through the CSG.

 

E.g : Port 443 (https) ,ICMP ,Telnet etc.

 

But traffic for port 80 never reaches the CSG vlan

 

Even if I remove the internal rule completely.

 

Even if I assign pool :CSG_IN to the Internet VLAN.

 

 

I tried to telnet IP 5.6.7.8 from my air card:please see the dump

 

[root@ML02BIG006:Active] dataeng tcpdump -ni CSG_IN host 10.162.72.3

 

02:55:32.142977 10.162.72.3.4124 > 5.6.7.8.telnet: S 710742154:710742154(0) win 42300 (DF)

 

02:55:35.222239 10.162.72.3.4124 > 5.6.7.8.telnet: S 710742154:710742154(0) win 42300 (DF)

 

 

Also for ping

 

[root@ML02BIG006:Active] dataeng tcpdump -ni CSG_IN host 10.162.72.3

 

tcpdump: listening on CSG_IN

 

03:00:38.977723 10.162.72.3 > 5.6.7.8: icmp: echo request

 

03:00:43.716244 10.162.72.3 > 5.6.7.8: icmp: echo request

 

 

Conclusion is that only port 80 traffic doesn't reaches CSG.Reason can be any peculiar config,script or optimization by our vendor flashnetwork,because earlier port 80 traffic was being sent to Netgain and Netcash for compression.

 

 

Please help to figure out how can I change the config in bigip to life the screen for port 80 traffic.

 

 

Thanks

 

 

BRs

 

Qingnian