For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

LeighK_316106's avatar
LeighK_316106
Icon for Nimbostratus rankNimbostratus
Apr 03, 2017

url redirection with SSL offload

I have set up and F5 to test it against my companies software. A lot of our customers have F5's and often ask for advice on setting it up.   I have been able to configure it for standard HTTP loa...
application delivery
BIG-IP
iRules
Leonardo_Souza's avatar
Leonardo_Souza
Icon for Cirrocumulus rankCirrocumulus
Apr 03, 2017

The problem you have is that when doing SSL offloading, the server only sees an HTTP request.

First, you need to change the redirect to use SSL, using an iRule in the virtual server you already have.

Second, you need to create a virtual server to handle the authentication and redirect. You do SSL offloading in this virtual server as well, but you need to rewrite the redirect to point to the first virtual server.

You can use a iRule similar with this one in both case:

when HTTP_RESPONSE {
  if { [HTTP::status] == 302 && [HTTP::header "Location"] equals "......" } {
    HTTP::redirect "https://.../"
 }
}

You need to check how your application do the first (for authentication) and second (after authentication) redirects, and change to iRule to match that.

More examples in these links:

https://devcentral.f5.com/wiki/irules.http__status.ashx

https://devcentral.f5.com/wiki/irules.http__header.ashx

https://devcentral.f5.com/wiki/irules.http__redirect.ashx