iamcejiro_16285
May 02, 2017

Redirect HTTPS to HTTP

Hi,

Can I ask for a configuration guide on how I can redirect HTTPS traffic to HTTP?

I have 1 VS on port 443, but the back-end server is running on port 80.

Do I need to create another VS for redirection? Can anyone help verify whether the rule below is correct?

when HTTP_REQUEST {
    HTTP::redirect http://[getfield [HTTP::host] ":" 1][HTTP::uri]
}

Also, when we try to telnet to the VS from a PC on the same network (telnet 10.2.x.x 443), it won't go through.

Below is the VS config:

 

ltm virtual VS_FuelCareer {
    address-status yes
    app-service none
    auth none
    auto-lasthop default
    bwc-policy none
    clone-pools none
    cmp-enabled yes
    connection-limit 0
    description none
    destination 10.2.x.x:https
    enabled
    fallback-persistence none
    flow-eviction-policy none
    gtm-score 0
    ip-intelligence-policy none
    ip-protocol tcp
    last-hop-pool none
    mask x.x.x.x
    metadata none
    mirror disabled
    mobile-app-tunnel disabled
    nat64 disabled
    partition Common
    per-flow-request-access-policy none
    persist none
    policies none
    pool FuelCareer
    profiles {
        Fuel_Career {
            context clientside
        }
        http {
            context all
        }
        tcp {
            context all
        }
    }
    rate-class none
    rate-limit disabled
    rate-limit-dst-mask 0
    rate-limit-mode object
    rate-limit-src-mask 0
    related-rules none
    rules none
    security-log-profiles {
        "Log all requests"
    }
    service-down-immediate-action none
    service-policy none
    source 0.0.0.0/0
    source-address-translation {
        pool none
        type none
    }
    source-port preserve
    syn-cookie-status not-activated
    traffic-classes none
    translate-address enabled
    translate-port disabled
    urldb-feed-policy none
    vlans none
    vlans-disabled
    vs-index 4
}

Thanks!

 

3 Replies

  • You don't need another VS. The VS running on port 443 needs a clientside ssl profile. And your configuration shows that you have one called Fuel_Career. Since you don't have a serverside ssl profile attached, SSL will be offloaded. However, you need to enable translate-port, since there needs to be a translation from 443 to 80.

  • JG

    You need to set up another virtual server, say, VS_FuelCareer_80, on the same virtual IP address but on port 80, and apply that iRule to it.

     

  • JG

    OK I see. There seems to be some confusion about the meaning of "redirect" here, which I see often here at my workplace as well. :-(

    When we say "redirect", it usually means "HTTP redirect" in the context of using HTTP protocol directives. In your case, you probably mean to "pass/forward traffic from F5 to a backend application server", and what you need, as far as F5 is concerned, is really SSL-Offloading.

    You will need to remove the iRule from the virtual server.

    You will most likely also need to configure "Source Address Translation" to "SNAT automap".
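
Added example, not part of the thread and not F5 code: a small Python check that parses an `ltm virtual` stanza like the one in the question and names the settings the replies point to (translate-port, SNAT, an attached iRule). The trimmed sample stanza, the function names and the default backend port of 80 are constructed for illustration, and treating a profile with `context clientside` as the client SSL profile is an assumption.

```python
# Constructed sample: only the settings of the posted VS that matter here.
SAMPLE = """\
ltm virtual VS_FuelCareer {
    destination 10.2.x.x:https
    profiles {
        Fuel_Career {
            context clientside
        }
    }
    rules none
    source-address-translation {
        type none
    }
    translate-port disabled
}
"""

def parse_stanza(text):
    """Parse brace-nested tmsh output into nested dicts, one setting per line."""
    root = {}
    stack = [root]
    for line in filter(None, map(str.strip, text.splitlines())):
        if line.endswith("{"):
            stack.append(stack[-1].setdefault(line[:-1].strip(), {}))
        elif line == "}":
            stack = stack[:-1] or stack  # tolerate an extra closing brace
        else:
            key, _, value = line.partition(" ")
            stack[-1][key] = value
    return root

def audit_offload(vs, backend_port=80):
    """Name the settings that keep a TLS-terminating VS from reaching a cleartext pool."""
    block = lambda key: vs[key] if isinstance(vs.get(key), dict) else {}
    svc = vs.get("destination", "").rpartition(":")[2]
    listen = {"https": 443, "http": 80}.get(svc) or (int(svc) if svc.isdigit() else None)
    findings = []
    # Heuristic (assumption): a profile with "context clientside" is the client SSL profile.
    if not any(isinstance(p, dict) and p.get("context") == "clientside" for p in block("profiles").values()):
        findings.append("no-clientside-profile")
    if listen != backend_port and vs.get("translate-port") != "enabled":
        findings.append("translate-port")  # 443 is not rewritten to the pool's port
    if block("source-address-translation").get("type", "none") == "none":
        findings.append("snat")  # server replies may not return via the BIG-IP
    if vs.get("rules", "none") != "none":
        findings.append("irule")  # e.g. an HTTP::redirect rule left attached
    return findings

if __name__ == "__main__":
    print(audit_offload(parse_stanza(SAMPLE)["ltm virtual VS_FuelCareer"]))
```

An empty list means the stanza matches the SSL-offload setup described in the replies; the parser also accepts a stanza whose final closing brace was lost in copy and paste.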