how to redirect from port to another port and to hide the port from the url of client side?
client should type abc.xyz , should be redirected to https://abc.xyz, however server is listening to abc.xyz:9000, client shouldn't see port 9000. so how to redirect http to https with adding port a hidden port 9000?1.4KViews0likes11CommentsBIG-IP : http profile : insert multiple headers
F5 BIG-IP Virtual Edition v11.4.1 (Build 635.0) LTM on ESXi Via the web-admin, I can create/edit an http profile and set this field : Request Header Insert = "X-Forwarded-Proto:http" But what if I want to insert multiple headers ? What is the syntax ? Further, does Request Header Insert erase any pre-existing request headers ? Also, I set Insert X-Forwarded-For to Enabled but logs do not show header X-Forwarded-For to be present.1.1KViews0likes8CommentsSimple HTTP session termination then back end session to web server
Hello Gurus! I'm VERY new to LTM but I suspect this one will be simple. I've got an internal web app that simply uses http on port 80 from a company we acquired, which is currently on their local AD domain. We'll call it http://currenturl.olddomain.local/webapp. In order to get our users that come in over our global WAN into a higher queue in QOS I need them to make connections on a custom port (8052), but we don't want to change the web server. So, I want provide the users across the pond a totally different URL that terminates at the F5 on http port 8052 (http://newurl.ourdomain.com:8052/) and then have the F5 proxy the session to the web server by opening a new connection on the back end to the web server on the actual URL (http://currenturl.olddomain.local/webapp). Any help or article references would be much appreciated!734Views0likes22CommentsBIG-IP : http profile : insert x-forwarded-for : enabled
F5 BIG-IP Virtual Edition v11.4.1 (Build 635.0) LTM on ESXi HTTP Profile Insert X-Forwarded-For : Enabled Suppose the client has already added the "X-Forwarded-For" header value to the request. How will BIG-IP behave ? Will it leave the existing header value intact ? Or will it overwrite the value with what it believes to be the request client ip ? Further, at what point in request-processing does the insert/replace header operation occur ? Does it occur before iRule processing so that the header value is available within the iRule event processing when HTTP_REQUEST {} ?705Views0likes7CommentsJavaScript is not been compressed by HTTP compression profile
i've enabled HTTP compression profile for my one of the web application with Content list box check marked.I've include keyword "text/javascript" and "application/javascript" in content list box.after updating the HTTP profile to Virtual server and seems that Javascript content in HTTP header is not getting compressed by http profile. Content Type Compression (bytes)Pre-CompressPost-Compress HTML 8.3T 1.9T CSS 3.6M 922.7K JavaScript 0 0 XML 291 233 Any thoughts?699Views0likes4CommentsHTTP Profile breaks HTTPS Connections
Hi, We want to setup SSL forwarding for our HTTPS virtual server. If I set a no HTTP profile and setup a bypass by selecting none for both client and server SSL the site works properly. If I apply a HTTP profile with this bypass the HTTPS breaks. Any ideas?Solved535Views0likes4CommentsScript to export list of Virtual Servers attached with HTTP profiles
Hi, I'm been asked to update all the virtual servers having http profile with logging iRule. Now, in my environment I have thousands of virtuals servers in each BIG IP of APAC/ EMEA / US and therefore it would be laborious process to extract all this information and attach iRule to them. I'm looking for some script (to find virtual servers having http profile) that I can run on LTM which could be exported into excel so as to send that details to CAB meeting in our system and also it would be easy for me to delegate some of the work and to perform check and balance. It would be great if anyone can help me in this. Thanks, Sai499Views0likes3CommentsDevice not outputting HTTP Header error into syslog?
I have a production BIG-IP running v15.1.0.4 that is showing unexpected behaviour on a certain LTM error code. I was trying to troubleshoot some connectivity errors and it turned out that the client was sending an oversize HTTP Request header which was greater than the byte limit set in the HTTP "Max header size" value. Normally we would expect to see error code 011f0005 "HTTP header (xxx) exceeded maximum allowed size of 32768" but in this case nothing was observed. A different request with more than the maximum *number* of headers did trigger the separate event "011f0011:3: HTTP header count exceeded maximum allowed count", so the LTM logging is working fine for other codes, just not the header size one. I've compared the same requests on a different F5 pair running the same software version that front a test version of the website affected, and the log entry is being output to syslog as expected, so it seems specific to this production device pair. Is there any way to check lower level logging settings or compare sys db flags between these two pairs so I can try and work out why the error didn't log as expected? Thought it was worth an ask on here prior to raising a suport ticket. Many thanks, Dan410Views0likes1CommentHTTP_Profile breaking application that relies on Host_header
We are trying to migrate a Web Application from old ACE Load Balancer to F5. The nodes serving the application apply style sheets to the page based on the HTTP Host Header that is received in the GET request. Depending on the FQDN that is called from the browser the application applies a particular style sheet or another. This is currently working as expected in a really old Cisco ACE Load Balancer that does not do any inspection at the HTTP layer other than using SSL. The only way for it to work in the F5 is by removing the HTTP profile so that HTTP inspection does not happen. However, we cannot remove the http_profile because we need cookie persistence and also SSL encryption which is impossible to use without the http_profile. These are my questions: Is there a way to do SSL offloading and cookie persistence in the F5 without using and HTTP profile so that the F5 passes the GET seamlessly without looking at it at all? If there is no way, what you think it could be the cause of the issue here? I know is a very difficult question to answer without looking at more details but general ideas will be appreciated as I am out of ideas right now in how to make this work and the coders do not really want to make any changes to the application to provide me with multiple URIs so that the F5 makes the decision based on that.317Views0likes1Comment