Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

HTTP to HTTPS redirect using I Rule

Hi, Looking for some advice regarding I Rules, I am totally new to this area, So the questions may seem very obvious ! The scenario goes like this:

I have a Big IP LTM and it currently has a VIP configured for client side SSL offloading complete with SSL profile etc, All good so far, What I am looking to achieve is to mop up HTTP requests that are being sent to this VIP, I want to use an I Rule and can see that F5 have kindly packaged one ready to go called _sys_https_redirect, If I create another VIP with the same IP and configure for HTTP and add I Rule _sys_https_redirect will this simply redirect the traffic to the HTTPS VIP ? Or is this wishfull thinking ? Do I also need to add the config hierarchy to the HTTP VIP ie Pool, Node etc ?

Thanks

Ross

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Yeah, that's pretty much it. You don't need a pool since it's just redirecting it to your HTTPS Virtual Server.

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Yes, simply create an HTTP VIP (same IP) and add HTTP Profile and iRule. No need for any other configuration, Pool for example. The traffic will hit the VIP and be redirected immediately.

Rgds

N

0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Many thanks for clearing that up and for responding so quickly.

Thanks and Regards

Ross

0
Comments on this Answer
Comment made 05-Jan-2015 by nathan 7337
no probs
0
placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Another point that I forgot to mention which may be of importance ! My HTTPS VIP port is not configured to the standard port of 443, I have configured it in the 8000 range, Will this have any affect on _sys_https_redirect I Rule ?

Thanks

Ross

0
Comments on this Answer
Comment made 21-Jan-2016 by NetworkNerd 0
Yes, that would be a problem, since browsers consider HTTPS to be on port 443. A modification to the iRule would be necessary in your case.
0