Redirect iRule differences...
We have a situation where we need to redirect users from one domain to another and had been using Method 1 ( shown below ) of redirection via iRule. It was recently brought to our attention by our web team that the way we were doing the redirects for one of their sites in particular was "really bad" for SEO and we ended up making them happy with doing it via Method 2 ( shown below ). While my team officially maintains our BIG-IP's, we are not network/web savvy and don't really understand the difference here. We have a new site that needs to be redirected and we are not sure which method to use. Would someone please explain in what cases you would use one over the other. Thanks. Method 1 when HTTP_REQUEST { if { [HTTP::host] eq "website1.com" } { HTTP::redirect https://websitesite2.com } } Method 2 when HTTP_REQUEST { if { ([string tolower [HTTP::host]] eq "website1.com")} { HTTP::respond 301 Location "http://website2.com" return } }43Views1like1CommentiRule resulting in too many redirects
I have two requirements with my virtual server. 1. A redirect to /pc/service/SSOLogin 2. 24 hour persistence based on the JSESSIONID cookie in the request header. The first one was accomplished early on with a policy that redirects to location '/pc/service/SSOLogin' at request time. This has worked without any issues until I tried to implement the JSESSIONID persistence. To accomplish the second, I created an iRule to be used with the Universal persistence profile. When I implemented this persistence profile, the redirect policy no longer worked. My assumption was that the iRule and the policy were conflicting with each other. To resolve this, I created a single iRule to handle both of these requirements. Now, I am getting too many redirects. The iRule is below. when HTTP_RESPONSE { ## PERSISTENCE # If the JSESSIONID exists, we'll pass the cookie along if { [HTTP::cookie exists "JSESSIONID"] } { persist add uie [HTTP::cookie "JSESSIONID"] 86400 } } when HTTP_REQUEST { ## PERSISTENCE # If the JSESSIONID exists, we'll maintain that persistence if { [HTTP::cookie exists "JSESSIONID"] } { persist uie [HTTP::cookie "JSESSIONID"] } ## REDIRECT # This grabs the base url from the incoming request # For Example, https://my.site.com/some/path the base_url is set to https://my.site.com set base_url "https://[HTTP::host]" # Defining the new path set new_path "/pc/service/SSOLogin" # Construct the new URL # For example, https://my.site.com/pc/service/SSOLogin set new_url "$base_url$new_path" # Redirect to the new URL HTTP::redirect $new_url }120Views0likes6CommentsiRule for migrating to Sharepoint Online
Hello, I'm very new to the F5 platform and creating iRules. I did try searching the forums, and there is a lot of good information (thank you contributors), but can't find a solution to exactly what I need to do. We are migrating off an on-premise Sharepoint to Sharepoint Online/365. I would like to have an iRule that states: If you are going to myportal.company.com then redirect to sharepointonline.company.com but if there is anything after the URI then redirect to sharepointonline.company.com/sites/<URI> For example: myportal.company.com = sharepointonline.company.com myportal.company.com/hr = sharepointonline.company.com/sites/hr myportal.company.com/aa = sharepointonline.company.com/sites/aa I was hoping not to have to list out every URI, but I didn't know if I could use a wildcard. Any help or pointers would be appreciatedSolved523Views0likes3CommentsMissing Certificate after redirect
We have a requirement for any calls coming into https://abc.comto be redirected to Azure APIM https://apim-xyz.com/api A simple following rule has been setup in F5 for calls coming intohttps://abc.com when HTTP_REQUEST { HTTP::respond 307 Location "https://apim-xyz.com/api" } But the problem we are facing is with client certificate. After the redirect, the client certificate is no longer available and new URL"https://apim-xyz.com/api"is not able to validate the request. We have no control over the client. We can control F5, redirect and server. Any help would be greatly appreciated.512Views0likes4CommentsF5 redirect
Hi! I have 2 F5s active standby clusterBIG-IP 16.1.3 build 0.0.12 and I have a VServer called: xyz.acme.com:443. It's public internet facing, with public cert imported as a server profile - works fine. Now I got a request to have this VServer under 2 urls: xyz.acme.com z.acme.com We did DNS alias - this works fine butI have cert only for the first one. The business does not want to buy another cert for the 2nd url if possible (let's encrypt, and other like this are out of the question). Is it possible to do redirect from z.acme.com to xyz.acme.com without buying new cert?458Views0likes3CommentsRedirect Rewrite not working - how write an irule to redirect non-standard port
Simple port change, just not sure which path to take. I have a virtual server that is listening on 443. It redirects to a server on the backside that is listening on http (not SSL) via port 10108. When users are clicking around this server there are links that are taking them to http://URL.EXAMPLE.COM:10108. In the past I've always applied an HTTP profile and just did rewrite redirect to "all". But for some reasons it's not catching this one. So I'm trying to write an irule that says ...when an http request comes in for 10108 go ahead and take the 10108 off and redirect it to https. I think that for this to work I would have to first create virtual server to listen on 10108...which I don't really want to do. So my question(s) are as follows: why isn't redirect rewrite working? Isn't that the entire point of that command if I want to just redirect these inbound requests do I need to have a server listening on 10108 (pretty sure that is a yes...otherwise my understanding of traffic flow is completely off) What irule command do I use to replace just the port? I believe that the HTTP::header contains the port. I don't think that the port is contained in the URI or in the PATH, so do I need to replace the header with the stripped off port number? To maintain the rest of the URI do I need to first save that as a variable and then add it back in? when HTTP_REQUEST { if {[HTTP::header] contains "10108" HTTP::header replace Host "URL.EXAMPLE.COM" HTTP::redirect https://[HTTP::host]/HTTP::uri } ...that certainly doesn't look right, so any help would be appreciated.Solved542Views0likes3CommentsProxyPass Appending "/" to URI 404 Error
Hey All, Need a bit of assistance here, thinking this should be an easy fix but I can't figure it out. Testing out the ProxyPass iRule so that when the end users enters a URL they get redirected but the URL remains the same from their perspective. ProxyPass is working but it's appending a "/" at the end of the URI and that path isn't on the server. Here are the debug logs: Mar 6 22:51:39 local/tmm info tmm[4929]: Rule devpasswordreset.environment.dev : devpasswordreset.environment.dev_443: 10.10.10.10:55759 -> 172.30.25.84:443 Mar 6 22:51:39 local/tmm info tmm[4929]: Rule devpasswordreset.environment.dev : VS=devpasswordreset.environment.dev_443, Host=devpasswordreset.environment.dev, URI=/: Found Rule, Client Host=devpasswordreset.environment.dev, Client Path=, Server Host=devpasswordreset.environment.dev, Server Path=/rdweb/pages/en-us/devpassword.aspx Mar 6 22:51:39 local/tmm info tmm[4929]: Rule devpasswordreset.environment.dev : VS=devpasswordreset.environment.dev_443, Host=devpasswordreset.environment.dev, URI=/: Using default pool devpasswordreset.environment.dev_80 Mar 6 22:51:39 local/tmm info tmm[4929]: Rule devpasswordreset.environment.dev : VS=devpasswordreset.environment.dev_443, Host=devpasswordreset.environment.dev, URI=/: New Host=devpasswordreset.environment.dev, New Path=/rdweb/pages/en-us/devpassword.aspx/ Mar 6 22:51:39 local/tmm info tmm[4929]: Rule devpasswordreset.environment.dev : VS=devpasswordreset.environment.dev_443, Host=devpasswordreset.environment.dev, URI=/: Removed Accept-Encoding header Mar 6 22:51:39 local/tmm info tmm[4929]: Rule devpasswordreset.environment.dev : VS=devpasswordreset.environment.dev_443, Host=devpasswordreset.environment.dev, URI=/: 404 response from devpasswordreset.environment.dev_80 172.30.26.98 80 Mar 6 22:51:39 local/tmm info tmm[4929]: Rule devpasswordreset.environment.dev : VS=devpasswordreset.environment.dev_443, Host=devpasswordreset.environment.dev, URI=/: $stream_expression_cmd: STREAM::expression "@devpasswordreset.environment.dev/rdweb/pages/en-us/devpassword.aspx@devpasswordreset.environment.dev@ @/rdweb/pages/en-us/devpassword.aspx@@", $stream_enable_cmd: STREAM::enable Mar 6 22:51:39 local/tmm info tmm[4929]: Rule devpasswordreset.environment.dev : VS=devpasswordreset.environment.dev_443, Host=devpasswordreset.environment.dev, URI=/: Successfully configured and enabled stream filter Mar 6 22:51:39 local/tmm info tmm[4929]: Rule devpasswordreset.environment.dev : VS=devpasswordreset.environment.dev_443, Host=devpasswordreset.environment.dev, URI=/: Checking Location=, $protocol= Mar 6 22:51:39 local/tmm info tmm[4929]: Rule devpasswordreset.environment.dev : VS=devpasswordreset.environment.dev_443, Host=devpasswordreset.environment.dev, URI=/: Checking Content-Location=, $protocol= Mar 6 22:51:39 local/tmm info tmm[4929]: Rule devpasswordreset.environment.dev : VS=devpasswordreset.environment.dev_443, Host=devpasswordreset.environment.dev, URI=/: Checking URI=, $protocol= Here's a packet capture of the server side: Is there anything I need to tweak to keep this from happening? Thanks, Brian255Views0likes3CommentsSimple Logout redirect irule
I have some sites that I need to redirect to an external URL. I have figured that out with an irule when HTTP_REQUEST { HTTP::redirect "https://OTHERSITE.com[HTTP::uri]" } On the external sites there is a "logout" button and that needs to hit a static web page that I have set up on the BIG-IP. So if a user goes to www.example.com they get redirected to www.othersite.com. While on www.othersite.com if they click logout it sends them back to www.example.com/Logout.html. I setup an irule and applied it to the same virtual server above the first redirect iRule. My thought is that the "www.example.com/Logout.html" is a specific URL so if the F5 sees that then to redirect it to the apology page, but if it sees anything else to just send it to the "OTHERSITE.COM" url. I'm sure I'm missing something but here's my other irule. when HTTP_REQUEST { if { ([HTTP::host] equals "http://example.com/Logout.html") } { "/generic_apology_pic.jpg" { HTTP::respond 200 content [ifile get "generic_apology_pic.jpg"] } default { HTTP::respond 200 content [ifile get "generic_apology.htm"] } } } } I probably wrote this as confusing as possible, but very simply I need to redirect all traffic to www.example.com to www.othersite.com, unless it's going to www.example.com/Logout.html, at which point I need to display a page that is hosted on the F5. Thanks in advance, David2.1KViews0likes2Comments301 Redirect Using Data Group External File
This should be easy...and I see some posts on it, but I can't seem to get it to work. We were given a list of hundreds of URL's that need 301 redirects. The host and URI in most cases is entirely different and unique so I can't just wildcard a redirect for everything to a single destination. example: https://oldsite.com/pdf/111 --> http://newsite.com/doc/222 https://oldsite.com/jpg/222 --> http://newsite.com/bmp/111 etc. I have all of the old site to new site mappings and I read another post that said I should create an external data group as a string that has := as the separator, so I have a datagroup called "testuri" and it looks like this: "; := "; And I have an irule that says: when HTTP_REQUEST { if {[set code_url [class match -value -- [string tolower [HTTP::host][HTTP::uri]] equals testuri]] ne ""}{ HTTP::respond [getfield code_url " " 1] Location [getfield code_url " " 2] } } ...but it doesn't work. In the end all I need is an irule that looks for the inbound request and if it's in the data group then returns the new value that it should be mapped to. This seems simple, but it's turning not to be as simple as I had hoped.320Views0likes1CommentReplace path in redirect
Expectations: using the old hostname (oldhostname.com) will redirect to the new hostname (newhostname.com) using / (nothing after .com) will redirect to /newpath using /oldpath/foo will redirect to /newpath/foo The issue is the last part. If you do something like this... when HTTP_REQUEST { if { [string tolower [HTTP::uri]] starts_with "/oldpath" } { HTTP::redirect "/newpath[HTTP::uri]" } } It grabs the oldpath, so it looks like this /newpath/oldpath. Please help if you canSolved793Views0likes2Comments