Forum Discussion

brepav123_22459's avatar
brepav123_22459
Icon for Cirrus rankCirrus
Mar 09, 2016

iRule for redirecting to external site

Hi everyone, im trying to create an iRule which takes an HTTPS request and redirects it towards an external site. Basically taking an incoming request, changing the domain name, then keeping the same file path on the URL. All ive been able to find online was basic HTTP to HTTPS irules but i cant get those to work with HTTPS. I dont want to send it to a node.

 

Thanks for all replies!

 

application delivery
BIG-IP
irule
LTM

8 Replies

Sort By
  • Brad_Parker_139's avatar
    Brad_Parker_139
    Icon for Nacreous rankNacreous
    Mar 09, 2016

    First of all your VIP will require an HTTP profile and subsequently a client SSL profile since you say your site is HTTPS. After you have those things, this simple iRule will preform a redirect and keep the URI in the original request.

    when HTTP_REQUEST {
    HTTP::respond 302 noserver Location "https://new.domain.name[HTTP::uri]"
}
    • brepav123_22459's avatar
      brepav123_22459
      Icon for Cirrus rankCirrus
      Mar 09, 2016
      Thanks Brad for that info. Will that keep the connection going through the F5 or does it redirect the client outside the F5? Reason being we have a client who is only capable of TLS 1.0 and they need to access a site that only allows TLS 1.2. So we want to make sure the interaction runs through the F5 so the connection from the F5 to the server is 1.2 and the F5 to the client is 1.0. Thanks!
    • Brad_Parker_139's avatar
      Brad_Parker_139
      Icon for Nacreous rankNacreous
      Mar 09, 2016
      What you are asking for is not a redirect then. Is the site behind the F5 LTM?
    • Krishna_R's avatar
      Krishna_R
      Icon for Nimbostratus rankNimbostratus
      Apr 26, 2016
      Hi Brad, This above request can be achieved by policy. Correct?
  • Brad_Parker's avatar
    Brad_Parker
    Icon for Cirrus rankCirrus
    Mar 09, 2016

    First of all your VIP will require an HTTP profile and subsequently a client SSL profile since you say your site is HTTPS. After you have those things, this simple iRule will preform a redirect and keep the URI in the original request.

    when HTTP_REQUEST {
    HTTP::respond 302 noserver Location "https://new.domain.name[HTTP::uri]"
}
    • brepav123_22459's avatar
      brepav123_22459
      Icon for Cirrus rankCirrus
      Mar 09, 2016
      Thanks Brad for that info. Will that keep the connection going through the F5 or does it redirect the client outside the F5? Reason being we have a client who is only capable of TLS 1.0 and they need to access a site that only allows TLS 1.2. So we want to make sure the interaction runs through the F5 so the connection from the F5 to the server is 1.2 and the F5 to the client is 1.0. Thanks!
    • Brad_Parker's avatar
      Brad_Parker
      Icon for Cirrus rankCirrus
      Mar 09, 2016
      What you are asking for is not a redirect then. Is the site behind the F5 LTM?
    • Krishna_R's avatar
      Krishna_R
      Icon for Nimbostratus rankNimbostratus
      Apr 26, 2016
      Hi Brad, This above request can be achieved by policy. Correct?