Forum Discussion
Nikolay_Matveev
Nimbostratus
Ok, all good now except one thing - the internal server is HTTP only on the server side, and the VS has SSL profiles both on the client side and on the server side. Now when I select the internal pool I get "Page not available" in the browser. I assume this is because LTM is trying to negotiate SSL to the port 80 of the server that allows only HTTP.
How do I correctly disable SSL profile and under what event? Currently I am trying as follows (does not seem to be working):
when CLIENT_ACCEPTED {
if { [IP::addr [IP::client_addr] equals 192.168.1.0/24] } {
pool "/Common/POOL_SERVICEDESK_EXT_HTTPS_443"
log local0. "SERVICEDESK Client accepted, pool [LB::server pool]"
}
else {
pool "/Common/POOL_SERVICEDESK_INT_HTTP_80"
log local0. "SERVICEDESK Client accepted, pool [LB::server pool]"
disable SSL here?
SSL::disable serverside
}
}
when HTTP_REQUEST {
if { [LB::server pool] eq "/Common/POOL_FOR_EXTERNAL_SERVERS" }{
Working with headers for External server
log local0. "SERVICEDESK Request Received. Active app - External"
HTTP::header replace host "server1.external.com"
if {[HTTP::uri] equals {/}} {HTTP::uri {/support/home}}
} else {
Working with headers for Supportworks
log local0. "SERVICEDESK Request Received. Active app - Internal"
HTTP::header replace host "server2.internal.com"
or shall I disable it here?
SSL::disable serverside
}
}
when HTTP_RESPONSE {
Rewrite the Location header for redirects
if { [HTTP::header exists Location] }{
HTTP::header replace Location [string map {"https://server1.external.com" "https://app.internal.com"} [HTTP::header Location]]
HTTP::header replace Location [string map {"http://server2.internal.com" "https://app.internal.com"} [HTTP::header Location]]
}
}
Brad_Parker
Feb 12, 2015Cirrus
I personally like to set a variable like $serverSSL 0/1 in the HTTP_REQUEST then put SSL::disable in the SERVER_CONNECTED event with an if $serverSSL == 1