Forum Discussion
NimbostratusVirtual server (Service Port) support for just two ports
Hello Community I need to create a Virtual Server and have it just listen for Port HTTP: 80, and HTTPS: 443, under “Service Port”. However if I need more than one port I have to use “* ALL PORTS”, of course I don’t want to use that. Do I have any other options to allow just two ports instead of all for multiple service ports access?
All inquiries welcome
4 Replies
DEJHello K,
Create two Virtual Servers, one for each port. Same address, different ports. The appropriate port traffic will go to the matching VIP.
https://support.f5.com/kb/en-us/solutions/public/6000/400/sol6459.html
If you definitely want both ports on the same VS you could use all ports and then an iRule to specify ports allowed and to which pools. Easier management is having a VS per port.
KDS2014I’m sorry I left out an important part also, the virtual server will be an “Server Name Indication (SNI)” virtual server……would that make a difference?
- Use 2 VS, 1 listening on 80, the other on 443. Make sure your clientssl profiles are configured for SNI and are tied to your 443 VIP. If you need pool member persistence between these 2 VS, you may use Match Across Services for both your VS.
- DEJ
It shouldn't. SNI will be handled by the 443 VIP. 80 would handle http traffic or re-direct to your 443 VIP depending on business needs.
