Hi,
I would like to seek some advice on the redirection feature (using service type redirect) in a one arm CSS configuration.
In our environment, we process incoming HTTPS request and load balance to 2 HTTPS Servers. In the event that all the local services are unavailable, the request will be forwarded to a webpage located in either a HTTP or HTTPS Server.
Below is a sample config. However, it doesnt redirect when the local services become unavailable.
Instead, i change the whole config such that it process incoming HTTP request (not HTTPS), load balance to 2 HTTP servers and redirect to a HTTP server when local service fails. This time it works.
Do the redirect service type only works with incoming HTTP request only and not with incoming HTTPs request?
Is it able to redirect for the following senario?
1) incoming HTTPS, redirect to HTTPS Server or HTTP Server when local service are unavailable.
2) incoming HTTP, redirect to HTTP (tested it works) or HTTPS server.
Thanks in advance for assistance
!************************** CIRCUIT **************************
circuit VLAN1
ip address 192.168.103.35 255.255.255.192
!************************** SERVICE **************************
service SSL1
ip address 192.168.103.53
protocol tcp
port 443
keepalive type tcp
keepalive port 443
active
service SSL2
ip address 192.168.103.54
protocol tcp
port 443
keepalive type tcp
keepalive port 443
active
service SSLRedirectHTTPS
ip address 192.168.103.31
protocol tcp
port 443
keepalive type tcp
keepalive port 443
type redirect
no prepend-http
redirect-string "https://192.168.103.31/down.htm"
active
service SSLRedirectHTTP
ip address 192.168.103.32
protocol tcp
port 80
keepalive type http
type redirect
redirect-string "192.168.103.32/down.htm"
active
!*************************** OWNER ***************************
owner CISCO
content L5Rule_SSL
vip address 192.168.103.37
application ssl
protocol tcp
port 443
url "/*"
add service SSL1
add service SSLRedirect
active
!*************************** GROUP ***************************
group SSL
vip address 192.168.103.37
add destination service SSL1
add destination service SSL2
add destination service SSLRedirectHTTPS
add destination service SSLRedirectHTTP
active