Forum Discussion
You'll need two iRules like the one above, one for external (on the HTTP virtual server) and one for internal (on the HTTPS vs).
logic goes like this (for the HTTP vs):
if not client_ip in internal_subnets datagroup, redirect to the HTTPS host(* see note below) otherwise, fall through to the default pool for the virtual server (implied) This could be explicitly stated like this:
when HTTP_REQUEST {
HTTP
if { ! [class match [IP::client_addr] equals internal_subnets] } {
HTTP::redirect "https://www.test.com[HTTP::uri]"
} else {
pool www.test.com-pool-HTTP
}
}
logic goes like this (for the HTTPS vs):
if client_ip in internal_subnets datagroup, redirect to the HTTP host(* see note below) otherwise, fall through to the default pool for the virtual server (implied) This could be explicitly stated like this:
when HTTP_REQUEST {
HTTPS
if { [class match [IP::client_addr] equals internal_subnets] } {
HTTP::redirect "http://www.test.com[HTTP::uri]"
} else {
pool www.test.com-pool-HTTPS
}
}
(*) I usually use [HTTP::uri] paired with the redirect command to make sure that I do a redirect with the full path they already have. you could write a full HTTP::respond yourself, but I find the HTTP::redirect easier 🙂