F5 rule for TLS redirect

Question

Hi i am beginner trying to get a F5 rule to work. So any request that comes in with less than TLS 1.2 should redirect to a default page. Now i need to create a exception to this? Except for one URL send all other &lt; TLS1.2 to the default page. Here are my rules&nbsp;
when CLIENTSSL_HANDSHAKE {
    if { [SSL::cipher version] equals "TLSv1.2"  } then {
        set deny_reason ""
    } else {
        set deny_reason [URI::encode [b64encode "Denied SSL Handshake for Client [IP::client_addr]:[TCP::client_port] using [SSL::cipher version], [SSL::cipher name] and [SSL::cipher bits]"]]
    }
  }&nbsp;
when HTTP_REQUEST {
if { ($deny_reason ne "") and not ([HTTP::uri] starts_with "/myvalue")} then {
HTTP::respond 302 Location "MyURL?reason=$deny_reason" Cache-Control No-Cache Pragma No-Cache Connection Close
}
}&nbsp;
This rule breaks every thing and the website does'nt work. Appreciate any help.&nbsp;

stanislas_piro2 · Answer

Did you look at the ltm log file? Is there tcl error events?&nbsp;

stanislas_piro2 · Answer

Please, when you post content, use formatting buttons just above text to make it readable!&nbsp;

Forum Discussion

F5 rule for TLS redirect

2 Replies

Recent Discussions

LDAPS and renegotiation

Need advise to setup a policy on F5

Web acceleration

What are the different phases in DevOps?

Create a CSR and Key using the BigIP LTM GUI when renewing a certificate

Related Content

F5 Distributed Cloud Origin Server Subset Rules

LTM Cipher rule

Anchor Link Redirect

Logging all AFM Rules

.htaccess to Nginx rules