Technical Forum
Ask questions. Discover Answers.
Showing results for 
Search instead for 
Did you mean: 

Source IP redirect, change host, uri and change to 443



I'm using BIG-IP LTM


I have a VIP on port 4001 taking external connections, this goes to a pool with a client SSL cert.


I am trying to "route" to a different destination based on the source IP address. However, I need to manipulate the uri as well.


I have tried this via an iRule, but looking at the forum people are saying just use the policies section of the F5.


I am a network engineer by trade and I very rarely get this deep into LTM. Please can you assist? I have outputs from what I have tried below.


I have run packet captures and see that the request does forward, but in plain text (iRule output), so I have tried to encrypt it before sending it to the destination, but I don't think I'm doing it right.


pool_RTS_Azure =

pool_RTS_4001 is the default pool

pool_RTS is the same as pool_RTS_4001














Hi phipse,


If you want to re-encrypts traffic on the server side by initiating a new SSL connection between the F5 BIG-IP and the web server add a SSL profile (Server) on your Virtual Server, eg severssl.

Despite this, all configuration seems OK.




Hi Lidev,


This isn't working. With the iRule I can not change the host entry in the URI, it just forwards the request as it is to the pool. However, the policy does seem to work, but I receive an error back from the Azure server, like it's receiving a GET request rather than a POST.


Thank you

Sorry, I didn't specify that I just looked at the LTM policy part. I'm not a big fan of iRules, i prefer to go through an LTM policy when I have a choice.

for HTTP method issue, it's necessary either to adjust the HTTP methods on the backend server or to modify the sent requests.

Am I right in using the ssl server part? Something doesn't feel right as we don't normally use it on our VIPs.

We're sending the body as a POST request.

It depends on what you want to do with TLS/SSL trafic ?


SSL Offloading (clientssl profile/no serverssl profile on virtual server) terminates SSL at the F5 and the server side traffic is non-encrypted.

SSL Bridging (clientssl profile and serverssl profile on virtual server) terminates SSL at the F5 and then re-encrypts traffic to the server side.