connection rests on wildcard VIP

Question

Hi, I've got a wild virtual wit the below irule restricting access, redirecting based on the incoming port and so on...
when CLIENT_ACCEPTED { 
    if { ([TCP::local_port] == 80) || ([TCP::local_port] == 9082) } {
        SSL::disable
        } 
    elseif { [TCP::local_port] != 443 }{ 
        reject 
    } 
}
when HTTP_REQUEST { 
    if { ([TCP::local_port] == 80) } {
        HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri] 
        } 
    if { ( [TCP::local_port] == 9082 &amp;&amp; [HTTP::host] contains ":") } {
        HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri] 
        }
}&nbsp;
This works great for the first three links below, always end up at .  The 4th link though the F5 is resetting the client connection though - always.  3-way handshake completes, then a PSH,ACK from the client, the f5 ACKS that then immediately resets the connection.  I'm perplexed particularly as all three of the first ones work.  Any ideas.  Thanks folks,&nbsp;
&nbsp;
&nbsp;
&nbsp;
&nbsp;

faruk_aydin · Answer

Hi Guy,&nbsp;
This is a normal situation. Because the 4th link starts https and every browser uses TLS/SSL while accessing this type of link., but in your irule SSL is disabled after TCP handshake completes(when CLIENT_ACCEPTED). &nbsp;

Forum Discussion

connection rests on wildcard VIP

1 Reply

Recent Discussions

F5 terminal - help to run commands - disk space full

vulnerabilities-CVE-2020-16150 & CVE-2013-0169

google autenticator broken barcode

Error while running ansible

ASM instance creation

Related Content

Beyond REST: Protecting GraphQL

iControl REST Authentication Token Management

Wildcard Parameter signature attack

Securely connecting Kubernetes Microservices with F5 Distributed Cloud

Troubeshooting website connection