Gilles,

The header-field rule works to redirect the http traffic to a specific service, but we also want the header-field rule config under the port 443 content rule.

Can the CSS see the header or is it encrypted ?

---------------------------------------------

service 10.10.10.1-443

ip address 10.10.10.1

protocol tcp

port 443

keepalive maxfailure 2

keepalive retryperiod 45

keepalive frequency 45

keepalive type script testscript "10.10.10.1 4000 3179 archepns"

active

service 10.10.10.2-443

ip address 10.10.10.2

protocol tcp

port 443

keepalive maxfailure 2

keepalive retryperiod 45

keepalive frequency 45

keepalive type script testscript "10.10.10.2 4000 3179 archepns"

active

service archepns_redirect

keepalive type none

type redirect

no prepend-http

ip address 1.1.1.1

domain https://www-knowledge-epe.company.com

active

**********************************************

header-field-group archepns_url

header-field Request-Line request-line contain "/archepns"

header-field-group archepns_url2

header-field Request-Line request-line contain "/archepns"

**********************************************

content archepns-redirect-sso

vip address 20.20.20.1

protocol tcp

port 80

url "/*"

header-field-rule archepns_url weight 0

add service archepns-redirect

active

content archepns-443

vip address 20.20.20.1

port 443

url "/*"

header-field-rule archepns_url weight 0

add service 10.10.10.1-443

active

content archepns-redirect-sso

vip address 20.20.20.1

protocol tcp

port 80

url "/*"

header-field-rule archepns_url2 weight 0

add service archepns-redirect

active

content archepns-443

vip address 20.20.20.1

port 443

url "/*"

header-field-rule archepns_url2 weight 0

add service 10.10.10.2-443

active

the http header is encrypted.

This is why it won't work without an ssl module.

Gilles.

Yep, we have an SSL module so it is OK to do this then. We just didn't use it for our tests.

cheers,

Mike