NimbostratusHi All,
I have a virtual server created for OWA, using nPath. It has been requested to me that I restrict access to only allow requests to this virtual server containing the url owa.ourdomain.com/owa. The reason for this is so that someone doesn't setup an outlook client with owa.ourdomain.com, as we want this virtual server to only service owa.
Does anyone have a suggestion for iRule, or any other way to get this done?
Thanks!
NimbostratusHi Andy,
you can simply use an LTM Policy. In an LTM Policy, you need to define a condition and an action that is executed when the condition is met. You can filter on hostname and url's for example.
We use this solution to be able to use a single virtual server to serve multiple url's hosted on multiple backend webservers (nodes). We are able to filter on hostname and forward the request to a specific Pool. This ensures that we use only 1 public IP address for multiple websites.
Kind regards,
Gilles
NimbostratusThank you, Gilles! So if I may ask a follow-up question, when I create the policy, what parameters do I want for this particular request? I assume Strategy=first-match, Requires=http, but what do I want for controls? How do I apply it afterward?
NimbostratusActually, it seems I cannot add a policy to a VS when I'm using the "Performace L4" type, which is what I need for nPath. Unless you have a work around, it appears that I may still need an iRule.
NimbostratusHi Andy, first-match is ok. HTTP and forwarding is needed. The problem in "Performance Layer 4" is that you only have access to FastHTTP profile which I'm not sure can handle HTTP operations. LTM Policy work with Layer 7 Virtual Server. In Layer 7, you have access to the full HTTP request if you enable HTTP profile in the virtual server.
Here is a SOL where all kind of HTTP profiles are explained, I'm not sure if that helps you:
I need to check tomorrow in our environment if the Layer4 is able to handle LTM Policies. I'm not sure about that.
I will come back to you tomorrow.
Gilles