EM Template MS Sharepoint 2007 SSL

Problem this snippet solves:

Creates an HTTP virtual server referencing an iRule which redirects all requests to HTTPS, a default SNAT automap, and an HTTPS virtual server referencing a pool with a basic monitor, a basic TCP profile, a cookie insert persistence profile, a customized HTTP profile with compression & caching, and a generic clientssl profile.

Product/Version Details

• Tested on EM 1.4.1/LTM 9.4.0
• Based on F5 Deployment Guide Deploying F5 with Microsoft Office SharePoint 2007

How to use this snippet:

• Replace the destination variable value in the "@define @..._virtual" lines with the desired address of the virtual server.
• Replace the members variable value in the "@define @members" line with the list of actual pool members providing the service.
• Optional: Customize the monitor profile settings to provide the level of monitoring appropriate for your environment.
• Optional: Customize the clientSSL profile settings to include the appropriate SSL certificate for the service.
• Optional: Customize the HTTP profile settings as required to support the service in your environment.
• Optional: Customize the persistence profile settings as required to support the service in your environment.
• Optional: Customize the TCP profile settings as required to support the service in your environment.

Code :

@name "Sharepoint07-SSL-config"
@description "Sharepoint 7 SSL Configuration"
@published yes
@require_verify yes
@allow_persist yes
@define @members description "SPS Pool Members" editable visible default "10.10.100.151:http 10.10.100.152:http"
@define @sps_virtual description "SPS HTTP Virtual" editable visible default "192.168.104.147:http"
@define @sps_https_virtual description "SPS HTTPS Virtual" editable visible default "192.168.104.146:https"

#F5[Local Traffic / SNAT]
#F5[$target_partition$]
snat DefaultSNAT {
   automap
   origins default inet
}

#F5[Local Traffic / Monitor]
#F5[$target_partition$]
monitor SPSHTTP_monitor {
   defaults from http
   interval 30
   timeout 91
}

#F5[Local Traffic / Profiles / ClientSSL]
#F5[$target_partition$]
profile clientssl SPS_clientssl {
   defaults from clientssl
}

#F5[Local Traffic / Profiles / HTTP]
#F5[$target_partition$]
profile http SPS_HTTP_opt {
   defaults from http-wan-optimized-compression-caching
   compress keep accept encoding enable
   redirect rewrite matching
   compress content type include
      "text/"
      "application/(xml|x-javascript)"
      "application/pdf"
      "application/vnd.ms-powerpoint"
      "application/vnd.ms-excel"
      "application/msword"
      "application/vnd.ms-publisher"
   compress content type exclude none
   ramcache uri exclude none
   ramcache uri include "/_layouts/images/*"
   ramcache uri pinned none
}

#F5[Local Traffic / Profiles / Persist]
#F5[$target_partition$]
profile persist SPSCookie {
   defaults from cookie
   mode cookie
}

#F5[Local Traffic / Profiles / TCP]
#F5[$target_partition$]
profile tcp SPS_TCP_opt {
   defaults from tcp-lan-optimized
}

#F5[Local Traffic / Pool]
#F5[$target_partition$]
pool SPSServers {
   lb method least conn
   monitor all SPSHTTP_monitor
   members
      @members
}

#F5[Local Traffic / Rule]
#F5[$target_partition$]
rule SPS_httptohttps {
   when HTTP_REQUEST {
HTTP::redirect https://[HTTP::host][HTTP::uri]
}
}

#F5[Local Traffic / Virtual Server]
#F5[$target_partition$]
virtual SPS_virtual {
   destination @sps_virtual
   ip protocol tcp
   rules SPS_httptohttps
}

#F5[Local Traffic / Virtual Server]
#F5[$target_partition$]
virtual SPS_httpsvirtual {
   pool SPSServers
   destination @sps_https_virtual
   ip protocol tcp
   profiles
      SPS_HTTP_opt
      SPS_TCP_opt
      SPS_clientssl
   persist SPSCookie
}