tiwang
Dec 19, 2016

using the F5 for RSA Selfserviceconsole on port 7004

Hi out there. I am (still) trying to get the RSA self-service portal published via the F5 on a std SSL port. I have defined a default pool for the RSA server on port 7004 and I am publishing the external server on 443. I have put this iRule on my VS running on port 443, which has the default pool for the internal server on port 7004:

    when HTTP_REQUEST {
        # Disable the stream filter for requests
        STREAM::disable

        # Remove this header to prevent server from compression response
        HTTP::header remove Accept-Encoding
    }

    when HTTP_RESPONSE {
        set internal_host "rsa.intern.local:7004"
        set external_host "rsaselfservice.extern.com"

        # Rewrite the Location header for redirects
        if { [HTTP::header exists Location] } {
            HTTP::header replace Location [string map "$internal_host $external_host" [HTTP::header Location]]
        }

        # Rewrite the response content using a stream profile if it is text
        if { [HTTP::header Content-Type] contains "text" } {

            # Set the stream expression with the find/replace strings
            STREAM::expression "@$internal_host@$external_host@"

            # Enable the stream filter
            STREAM::enable
        }
    }

but I get a 302 in return and it looks as if it loops a bit. Can someone tell me what is wrong with this little simple iRule? Is it the response to the client which does not get correctly rewritten? br /ti

2 Replies

  • Hi,

    Should you replace the host header in the request to rsa.intern.local??

    Cheers,

    Kees

  • Hi,

    The RSA web-tier is a service installed on a dedicated server to provide access to self-service and on-demand token without publishing the security console (which is hosted on the same https port as the self-service).

    When deploying a web-tier server, the external host is defined and the listening service is 443.
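
Added example (not part of the original thread, and not F5 or RSA code): a Python model of the case-sensitive `string map` that the iRule in the question applies to the Location header, run over constructed redirect values to show which forms would still send the client to the internal host or to port 7004. The sample Location values, the paths in them and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

INTERNAL_HOST = "rsa.intern.local:7004"      # value set in the iRule above
EXTERNAL_HOST = "rsaselfservice.extern.com"  # value set in the iRule above

def irule_location_rewrite(location):
    """Model Tcl `string map "$internal_host $external_host"`:
    a literal, case-sensitive substring replacement (no -nocase)."""
    return location.replace(INTERNAL_HOST, EXTERNAL_HOST)

def audit_location(location):
    """Rewrite a Location value the way the iRule would, then list the
    reasons the result would not land back on the port-443 virtual server."""
    rewritten = irule_location_rewrite(location)
    parts = urlsplit(rewritten)
    problems = []
    if parts.netloc:  # absolute redirect; relative ones need no rewrite
        host = (parts.hostname or "").lower()
        if host != EXTERNAL_HOST:
            problems.append("host not rewritten: " + host)
        if parts.port not in (None, 443):
            problems.append("port not rewritten: %d" % parts.port)
        if parts.scheme != "https":
            problems.append("scheme is " + parts.scheme)
    return {"rewritten": rewritten, "problems": problems}

# Constructed Location headers (not captured from a real RSA server).
SAMPLES = {
    "exact match":        "https://rsa.intern.local:7004/selfservice/",
    "different case":     "https://RSA.intern.local:7004/selfservice/",
    # Assumed case: backend builds the redirect from the client's Host header
    "echoed Host + port": "https://rsaselfservice.extern.com:7004/selfservice/",
    "no port":            "https://rsa.intern.local/selfservice/",
    "relative":           "/selfservice/login",
    "plain http":         "http://rsa.intern.local:7004/selfservice/",
}

def audit_all():
    """Return {label: audit result} for every constructed sample."""
    return {label: audit_location(loc) for label, loc in SAMPLES.items()}

if __name__ == "__main__":
    for label, result in audit_all().items():
        status = "ok" if not result["problems"] else "; ".join(result["problems"])
        print("%-20s %-55s %s" % (label, result["rewritten"], status))
```

Any sample that reports a problem is a redirect the client would follow to a host or port the port-443 virtual server does not answer on, so comparing these forms against the Location values seen in a capture narrows down where the 302 goes.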