Nimbostratus
NimbostratusThanks for the reply. We already have a redirect in place, but not sure it's the way you recommended. Below are the pieces of the configuration (scrubbed of course) as it is now. I'm not sure how to incorporate what you recommend into what is already in place? Appreciate any and all help.
ltm pool /DMZ/WEB1.app/WEB1_pool {
app-service /DMZ/WEB1.app/WEB1
load-balancing-mode least-connections-node
members {
/DMZ/10.1.1.137:443 {
address 10.1.1.137
app-service /DMZ/WEB1.app/WEB1
}
/DMZ/10.1.1.138:443 {
address 10.1.1.138
app-service /DMZ/WEB1.app/WEB1
}
}
monitor /DMZ/WEB1_https_monitor
slow-ramp-time 300
ltm rule /DMZ/WEB1_redir {
when HTTP_REQUEST {
switch -glob [string tolower [HTTP::uri]] {
"/contracts" { HTTP::redirect "https://WEB1.whatever.com/contracts" }
"/ppl" { HTTP::redirect "https://WEB1.whatever.com/ppl" }
"/komws" { HTTP::redirect "https://WEB1.whatever.com/komws" }
default { HTTP::redirect "https://WEB1.whatever.com/kom" }
}
}
}
ltm rule /DMZ/WEB1_sorry {
when HTTP_REQUEST {
if {[active_members WEB1_pool] < 1}{
HTTP::redirect http://www2.whatever.com/kiosk/maintenance } }
}
ltm virtual /DMZ/WEB1.app/WEB1_http_virtual {
app-service /DMZ/WEB1.app/WEB1
destination /DMZ/10.2.2.176:80
ip-protocol tcp
mask 255.255.255.255
profiles {
/DMZ/WEB1.app/WEB1_http_profile { }
/DMZ/WEB1.app/WEB1_lan-optimized_tcp_profile {
context serverside
}
/DMZ/WEB1.app/WEB1_wan-optimized_tcp_profile {
context clientside
}
}
rules {
/DMZ/WEB1_redir
}
translate-address enabled
translate-port enabled
vlans-disabled
}
ltm virtual /DMZ/WEB1.app/WEB1_https_virtual {
app-service /DMZ/WEB1.app/WEB1
destination /DMZ/10.2.2.176:443
ip-protocol tcp
mask 255.255.255.255
persist {
/Common/source_addr {
default yes
}
}
pool /DMZ/WEB1.app/WEB1_pool
profiles {
/Common/fastL4 { }
}
translate-address enabled
translate-port enabled
vlans-disabled
ltm monitor https /DMZ/WEB1_https_monitor {
cipherlist DEFAULT:+SHA:+3DES:+kEDH
compatibility enabled
defaults-from /Common/https
destination *:*
interval 30
password password
recv "Application Health = GOOD"
send "GET /mah/Default.aspx HTTP/1.1\\r\\nHost: WEB1.whatever.com\\r\\nConnection: Close\\r\\n\\r\\n"
time-until-up 0
timeout 91
username uid=username,ou=administration,dc=whatever,dc=com
}
ltm persistence cookie /DMZ/WEB1.app/WEB1_cookie_persistence_profile {
app-service /DMZ/WEB1.app/WEB1
ltm profile client-ssl /DMZ/WEB1.app/WEB1_clientssl {
app-service /DMZ/WEB1.app/WEB1
cert /Common/ABC-Wildcard-Cert.crt
defaults-from /Common/clientssl
key /Common/ABC-Wildcard-Key.key
ltm profile http /DMZ/WEB1.app/WEB1_http_profile {
app-service /DMZ/WEB1.app/WEB1
defaults-from /Common/http
redirect-rewrite matching
ltm profile http-compression /DMZ/WEB1.app/WEB1_wan-optimized-compression_profile {
app-service /DMZ/WEB1.app/WEB1
content-type-include { text/ application/vnd.ms-publisher "application/(xml|x-javascript|javascript|x-ecmascript|ecmascript)" "application/(word|doc|msword|winword|ms-word|x-word|x-msword|vnd.word|
vnd.msword|vnd.ms-word)" "application/(xls|excel|msexcel|ms-excel|x-excel|x-xls|xmsexcel|x-ms-excel|vnd.excel|vnd.msexcel|vnd.ms-excel)" "application/(powerpoint|mspowerpoint|ms-powerpoint|x-powerpoint|x-
mspowerpoint|vnd.powerpoint|vnd.mspowerpoint|vnd.ms-powerpoint|vnd.ms-pps)" "application/(mpp|msproject|x-msproject|x-ms-project|vnd.ms-project)" "application/(visio|x-visio|vnd.visio|vsd|x-vsd|x-vsd)"
"application/(pdf|x-pdf|acrobat|vnd.pdf)" }
defaults-from /Common/wan-optimized-compression
ltm profile one-connect /DMZ/WEB1.app/WEB1_oneconnect {
app-service /DMZ/WEB1.app/WEB1
defaults-from /Common/oneconnect
source-mask 255.255.255.255
ltm profile tcp /DMZ/WEB1.app/WEB1_lan-optimized_tcp_profile {
app-service /DMZ/WEB1.app/WEB1
defaults-from /Common/tcp-lan-optimized
}
ltm profile tcp /DMZ/WEB1.app/WEB1_wan-optimized_tcp_profile {
app-service /DMZ/WEB1.app/WEB1
defaults-from /Common/tcp-wan-optimized