using the F5 for RSA Selfserviceconsole on port 7004

Hi out there I am (still) trying to get the RSA selfservice portal published via the F5 on a std SSL port. I have defined a default pool for the RSA server on port 7004 and I am publishing the external server on 443 I have put this irule on my VS running on port 443 and having the default pool for the intern server on port 7004:

when HTTP_REQUEST { Disable the stream filter for requests STREAM::disable

 Remove this header to prevent server from compression response
HTTP::header remove Accept-Encoding

}

when HTTP_RESPONSE { set internal_host "rsa.intern.local:7004" set external_host "rsaselfservice.extern.com"

 Rewrite the Location header for redirects 
if { [HTTP::header exists Location] }{ 
    HTTP::header replace Location [string map "$internal_host $external_host" [HTTP::header Location]] 
} 

 Rewrite the response content using a stream profile if it is text 
if { [HTTP::header Content-Type] contains "text" } { 

     Set the stream expression with the find/replace strings 
    STREAM::expression "@$internal_host@$external_host@" 

     Enable the stream filter 
    STREAM::enable 
} 

}

but I get a 302 in return and it looks as if it loops a bit - can some tell me what is wrong with this little simple irule? Is it the response to the client which not gets correct re-written? br /ti