08-08-2007 03:22 PM
Greetings all,
I have 2 challenges
1) redirect port 80 to 443 on same CSM
2) Allow 443 in directly to the same server that port 80 is being redirected to.
Essentially we have some sites that were converted to HTTPS, but there are legacy users who still have port 80 bookmarked.
I am getting confused with where the command redirect-vserver points. Most of the examples are for SiteA to SiteB connectivity - so you could assume the redirect-vserver points to a VIP on a different CSM (that would be easy).
My issue is that these all live on the same CSM. When I create a vserver TEST_443 tcp 443 and try to point the redirect-vserver to it, I get an error message:
% Virtual server TEST_443 is already configured as a Redirect vserver.
How do you perform same CSM TCP Port redirection is my question?
Also, to challenge #2 above, I also need to allow in 443 directly. This would normally be no big deal, but with the redirection, I am getting a bit confused.
Thanks for any and all replies.
08-09-2007 12:41 PM
you can do it.
Just do not use the same name for the redirect-vserver and the vserver.
Gilles.
08-09-2007 02:13 PM
gdufour,
Thanks for replying, I tested in the Lab and everything is working.
Sometimes the stupid things kill you....
Thanks!!!!
05-11-2008 01:13 PM
I have exactly same scenario as Kenneth has described above. But I have CSM module without SSL daughter card. So, first I want to confirm that does CSM alone(without SSL daughter card) support HTTPS requsts? Can I connect servers listning at port 443(HTTPS port) to this CSM?
05-12-2008 07:01 AM
Here is the configuration I have created for this. Could someone verify that this can work for above mentioned scenario before I can implement this in production. (Unfortunatly No facility for Lab Check). Thanx in advance.
**CONFIGURATION FOR HTTPS**
serverfarm HTTPSFARM
nat server
no nat client
real 172.16.23.81 443
inservice
real 172.16.23.82 443
inservice
!
vserver HTTPSVIP
virtual 10.20.221.100 tcp 443
serverfarm HTTPSFARM
persistent rebalance
inservice
!
!
**CONFIGURATION FOR REDIRECTING HTTP to HTTPS**
!
map SPORTMAP url
match protocol http://gspme.com*
!
serverfarm REDIRECTFARM
nat server
no nat client
redirect-vserver HTTPSVIP
webhost relocation https://gspme.com 301
inservice
!
serverfarm HTTPFARM
nat server
no nat client
real 172.16.23.81
inservice
real 172.16.23.82
inservice
!
policy SPORTPOLICY
url-map SPORTMAP
serverfarm REDIRECTFARM
!
vserver HTTPVIP
virtual 10.20.221.100 tcp www
serverfarm HTTPFARM
persistent rebalance
slb-policy SPORTPOLICY
inservice
!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: