Forum Discussion

tiwang's avatar
tiwang
Icon for Nimbostratus rankNimbostratus
Dec 19, 2016

using the F5 for RSA Selfserviceconsole on port 7004

Hi out there I am (still) trying to get the RSA selfservice portal published via the F5 on a std SSL port. I have defined a default pool for the RSA server on port 7004 and I am publishing the external server on 443 I have put this irule on my VS running on port 443 and having the default pool for the intern server on port 7004:

when HTTP_REQUEST { Disable the stream filter for requests STREAM::disable

 Remove this header to prevent server from compression response
HTTP::header remove Accept-Encoding

}

when HTTP_RESPONSE { set internal_host "rsa.intern.local:7004" set external_host "rsaselfservice.extern.com"

 Rewrite the Location header for redirects 
if { [HTTP::header exists Location] }{ 
    HTTP::header replace Location [string map "$internal_host $external_host" [HTTP::header Location]] 
} 

 Rewrite the response content using a stream profile if it is text 
if { [HTTP::header Content-Type] contains "text" } { 

     Set the stream expression with the find/replace strings 
    STREAM::expression "@$internal_host@$external_host@" 

     Enable the stream filter 
    STREAM::enable 
} 

}

but I get a 302 in return and it looks as if it loops a bit - can some tell me what is wrong with this little simple irule? Is it the response to the client which not gets correct re-written? br /ti

  • Hi,

     

    Should you replace the host header in the request to rsa.intern.local??

     

    Cheers,

     

    Kees

     

  • Hi,

     

    The RSA web-tier is a service installed on a dedicated server to provide access to self-service and on demand token without publishing security console (which is hosted on the same https port as the self-service)

     

    when deploying web-tier server, the external host is defined, the listening service is 443.