Forum Discussion

Nimbostratus

Nov 10, 2014

Solved

Manage SFTP with iRule

Hi all, I have a Virtual Server that listens on every port (0) which it has to do. I want to point my SFTP traffic to different servers based on which customer it is. For HTTP traffic I am looking ...

application delivery

devops

iRules

mimlo_61970
Nov 12, 2014
Yes, an http profile on a non http protocol will break the connection. The http profile is going to validate the data meets http specifications, and it will not.

I don't think you can enable/disable/change the HTTP profile in an irule(I assumed you could when I said it above, but after further research it appears you can't), so a separate port 22 vip is probably required. I think you can keep your port 0 vip and just add a port 22 vip for sftp. If I remember correctly it will use the port 22 vip when it matches that port, and the port 0 vip for everything else. The the entire need for the irule goes away.

Hans_Schneider2

Nimbostratus

Nov 11, 2014

Hi,

I can see that the log prints out "FTP TRAFFIC!!" so the iRule works. I have been monitoring the SFTP server with wireshark but I don't see any requests on port 22 reaching the server. Something with the F5 configuration seems to be wrong. Any other ideas?

Forum Discussion

Manage SFTP with iRule

Recent Discussions

Portal Access to HTTPS resources slow

Telemetry streaming to Elasticsearch

Provisioning r2600 equipment

Could not connect to SMTP host.

Block CBC

Related Content

iRules Change Management

management interface failover

Routing application traffic through management interface

BIG-IQ - management interface SSL certificate

BIG-IQ Managed LTM not removing message "Managed by BIG-IQ"