F5 Virtual Server responds to clients with pool member port instead of VS port

Question

I have an F5 HA cluster deployed in one-arm mode with SNAT and source port preserve enabled (by default since i used iApp templates). The VS is configured to listen on port 443 with an http to https redirect enabled. Challenge is we have noticed that for pool members listening on different ports other than port 80 eg port 9080, when the traffic is sent to such pool members the response to the client goes with the pool member port thus the web page doesn't load since the firewall permits only ports 80 and 443 for client to F5 VS communication. Expectation was that response to clients should be strictly on port 443.

andrew-f5 · Answer

The response should be using port 443 between client and virtual server but may not be if your server is including a port within a redirect or location header, in which case we honor HTTP RFC. &nbsp;Also make sure you have "Port Translation" enabled within the advanced virtual server configuration.

hoang_hung · Answer

Hi &nbsp;I have depoloy many my customer and I have same error with &nbsp;.Default Virtual Server advanced " enable default ". I sometime use irule or customize context path on Web.Do you known workround for it ?&nbsp;Thanks allHung Hoang

Forum Discussion

F5 Virtual Server responds to clients with pool member port instead of VS port

2 Replies

Recent Discussions

Advise on setting up IRULE

Chrome V 124+ on MacOS - Virtual Server Access Issue

Port Group on F5OS network setting

F5Access | MacOS Sonoma

Rewrite uri translation not working

Related Content

Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire

Large payload post requests aren't responding

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

Change cookie domain in HTTP::respond

Gzip content when using HTTP::respond