Forum Discussion
NimbostratusVS selection based on HTTP:host
Hello,
I have a single public IP address and I want to share it between 2 web authentication services (using both https). So far I have configured 2 VS with specific access policies and it works well.
Now my firewall is configured to send all the web traffic to the VS1 and I try to use an irule to switch to VS2 based on the host: Note: my first idea was to use the access policy but I can only test the URI (?) and I'm not sure I can swith to another VS.
when HTTP_REQUEST { log local0. "in HTTP_REQUEST"
switch [string tolower [HTTP::host]] {
"authsrv1.test.mydomain.com" { virtual VIP_authsrv1.test.mydomain.com }
"authsrv2.test.mydomain.com" { virtual VIP_authsrv2.test.mydomain.com }
}
}
It does not work, any idea?
3 Replies
- boneyard
MVP
you say it doesn't work. but what doesn't work? don't you get to the other virtual, doesn't the APM start at all, ...? have you tried a third vip without APM where the traffic enters and then doing this selection?
i can imagine that the APM already started and doesn't like the change of virtual, but that is just guessing, so please provide some more info.
symon38_167412ok I have modified the irule above to add logging infp and removed the access policy on the 1st VS:
Aug 21 10:04:13 GSDCE-LB001 info tmm1[10973]: Rule /Common/IAMRA : Current virtual server name: /Common/authsrv1.test.mydomain.com Aug 21 10:04:13 GSDCE-LB001 info tmm1[10973]: Rule /Common/IAMRA : HTTP::host : authsrv1.test.mydomain.com Aug 21 10:04:13 GSDCE-LB001 info tmm1[10973]: Rule /Common/IAMRA : New virtual server name: /Common/authsrv1.test.mydomain.comI don't get it, perhaps it is not the right way to proceed?
- boneyard
you are still not telling what doesn't work, dont you get the APM screen, do you get the wrong one?
