12-07-2006 03:58 AM
Hi,
Is it possible to configure an http -> http redirection using header-field rules if the CSS is NOT performing the SSL encryption/decryption ?
We can get the redirect working not using the header-field rule but not with it configured.
cheers,
Mike
12-07-2006 06:26 AM
Mike,
it should be possible.
Do you see it on your header-field rule ?
Can we see the config ?
Thanks,
Gilles
12-08-2006 12:42 AM
Gilles,
The header-field rule works to redirect the http traffic to a specific service, but we also want the header-field rule config under the port 443 content rule.
Can the CSS see the header or is it encrypted ?
---------------------------------------------
service 10.10.10.1-443
ip address 10.10.10.1
protocol tcp
port 443
keepalive maxfailure 2
keepalive retryperiod 45
keepalive frequency 45
keepalive type script testscript "10.10.10.1 4000 3179 archepns"
active
service 10.10.10.2-443
ip address 10.10.10.2
protocol tcp
port 443
keepalive maxfailure 2
keepalive retryperiod 45
keepalive frequency 45
keepalive type script testscript "10.10.10.2 4000 3179 archepns"
active
service archepns_redirect
keepalive type none
type redirect
no prepend-http
ip address 1.1.1.1
domain https://www-knowledge-epe.company.com
active
**********************************************
header-field-group archepns_url
header-field Request-Line request-line contain "/archepns"
header-field-group archepns_url2
header-field Request-Line request-line contain "/archepns"
**********************************************
content archepns-redirect-sso
vip address 20.20.20.1
protocol tcp
port 80
url "/*"
header-field-rule archepns_url weight 0
add service archepns-redirect
active
content archepns-443
vip address 20.20.20.1
port 443
url "/*"
header-field-rule archepns_url weight 0
add service 10.10.10.1-443
active
content archepns-redirect-sso
vip address 20.20.20.1
protocol tcp
port 80
url "/*"
header-field-rule archepns_url2 weight 0
add service archepns-redirect
active
content archepns-443
vip address 20.20.20.1
port 443
url "/*"
header-field-rule archepns_url2 weight 0
add service 10.10.10.2-443
active
12-08-2006 01:12 AM
the http header is encrypted.
This is why it won't work without an ssl module.
Gilles.
12-08-2006 01:29 AM
Yep, we have an SSL module so it is OK to do this then. We just didn't use it for our tests.
cheers,
Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide