How to redirect Https to Https respons ?
Hii Everyone, I have a problem with our client application Web. I have VS port 443 (using SSL) and pool member 80. (IP VS 192.168.x.x:443 --> pool member 10.45.x.x:80 ) When client access port 443 at homepage still 443, but when user login to the homepage, its redirected from 443 to http (80). When I dump, the response from server is true (respons 443 TLS) because F5 respons must be 443. The problem is why the user after login to the homepage redirected to HTTP, not HTTPS ? We can't using this step: 1. we cannot change the pool member port 80 to member 443 because port 80 still use for internal application, so we cannot create redirected VS http to https. 2. Server can be change from 80 to port 443 becausehave not received permission from the client management. So the question is : Any irules to change the respons server to https when user login to the homepage ??? Thankyou.
HTTP to HTTPS://wwww iRule
Hello, I have a pair of physical F5's sitting in front of an IIS farm. My understanding is it's better/easier to use iRules instead of IIS Re-write rules for what I'm trying to do. Can someone please assist in creating an iRule or set of iRules that would properly redirect ANY permutation of our website to https://www.URL.com? For example http://URL.COM --> https://www.url.com url.com --> https://www.url.com https://url.com --> https://www.url.com No matter how they type it, the URL should take them to Thank you very much!
HTTP to HTTPS
Hi, I was wondering if someone could help me with an irule that will redirect a site http://test.site.com:8050 to https:test.site.com:8050. The problem is it keeps getting stuck in a loop. I need it to know if its http to redirect but if the site comes in https then to not redirect the request again. Thanks!!!
Rewrite profile - any better way?
Hi, I wonder is there is any simpler way to achieve something described below: Scenario: Single VS - IP mapped to few external FQDNs Each external FQDN maps to virtual host on the same backend server (so traffic accepted only if there is Host header match in request send from BIG-IP to backend) There is possibility that some links returned from backend (in content) are not relative and can use backend srv FQDN. Setup: Local Traffic Policy forwarding traffic to appropriate pool based on host header in request from client - sure it could be one pool but because FQDN nodes has to be used I guess separate pools are needed - or not? Then Rewrite profile with URI rules for each ext FQDN to int FQDN with Rewrite Header, Rewrite content set, like * -> * -> * -> * and so on When redirect from http to https (send from backend) is needed then another Rewrite profile is necessary for HTTPS VS: * -> * -> * -> * and so on It is working OK but requires plenty of objects to be configured, everything has to be entered by hand, in few places and cause a lot of work and possibility to make mistake :-( Is there any other way (simpler, less error prone) to achieve the same goal? Piotr
w3c iRule logging for Virtual Servers having http to https redirection iRule
Hi, I have been asked to verify the VS without w3c iRule in our LTMs and attach this iRule to them. Now, I have many VS in LTMs which have http to https redirection iRule attached to them and w3c iRule attached to VS listening on https. Could anyone of you please confirm whether I have to attach w3c iRule to both VS listening on http and https or would it suffice if I only attach it to VS with https as requests to http would be redirected to https VS. If I add w3c to both of the VS (http & https) would this create redundant logs as traffic to VS:http are redirected to VS:https. Can I have some clarification on this. Thanks in advance, MSK
HTTPS rewrite
Hi All, Have a requirement to rewrite a https request to another url. That part is all good with "HTTP::header replace host ". However I need the server side connection to go out as a https connection too with the newly rewritten host (not a redirect to a https host but a rewrite). Is there a way to do this via an irule and if so how? I figured this could be done via a server side SSL Profile too? For example initial https request comes in, client side SSL profile decryptes the connection, http::header replace then rewrites the url and then the server side SSL profile reencrypts to back end pool. Would this work, is this the order of processing with the combined use of SSL profiles and irules? Been trying to test but not much like with the server side SSL profile. Thankshttp to https redirection issue .
Hello guys I got fast question probably I have 2 vips : https with pool members : 443 http + i rule but someone attached there pool with members on port 80 ........................ when HTTP_REQUEST { HTTP::redirect https://[HTTP::host][HTTP::uri] } ........................ Customer was trying to connect via https vip but it was not working - from my experience it was nonsense so i removed pool http from http VIP and it started to work . I am not sure why , Vips were set with very standard options profile http and https + auto map Thank you for replay in advance
How to overcome "Only secure content is displayed"?
Hi, I am load balancing to a web server which uses backdrop mapping. I have created an Virtual Server listening on HTTP which applies the "_sys_https_redirect" iRule to redirect from HTTP to HTTPS which contains the following: when HTTP_REQUEST { HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri] } I have then created a second Virtual Server listening on HTTPS that presents the SSL certificate and then simply load balances to the pool members (passing traffic to them on TCP port 80). The problem that I am getting is that some pages contain backdrop mapping from openstreetmap.org (URL is similar to http://a.tile.openstreetmap.org/b/c/d/png where a b c and d can vary). Firefox and Chrome do not display this embedded backdrop mapping but Internet Explorer does at least show a message saying "Only secure content is displayed". If I then click on the "Show all content" button, the mapping does appear. I have searched the forums and have tried creating a custom http profile with edited "Request header insert" to insert the X-Forwarded-Proto but must be doing it wrong as i get an error "01070373:3: Invalid Header Insert 'X-Forwarded-Proto' for profile /Common/http_osnet. name:value must be ":" separated" I am fairly new to LTM so any help greatly appreciated.
SHAREPOINT REDIRECT IRULE ON LTM
What IRULE can be used to redirect a sharepoint website. I have a sharepoint url in my environment which management wants redirected to https://share.denison.net. https://share.dension.net is also currently functional and serving the same content like . Users on the Windows domain,only type and get automatically redirected to . How then do i redirect requests which load to to https://share.denison.net*Redirect http to https for Internet clients but not private clients*
How to Redirect all clients from http to https for Internet clients but allow http to private client IP? Following is not working properly: when CLIENT_ACCEPTED { if { [IP::addr [IP::client_addr] equals 10.0.0.0/8] or [IP::addr [IP::client_addr] equals 192.168.1.0/24]} { set redirect 0 } else { set redirect 1 } } when HTTP_REQUEST { if {$redirect}{ HTTP::redirect "https://[HTTP::host][HTTP::uri]" } }