HTTPS pass thru config needs maintenance page

Question

Hello - &nbsp;
&nbsp;LTM 9.3.1
&nbsp;We have a configuration where clients via browsers connect to a VIP using https. The https is not terminated but passed through to the back-end servers. I've been trying to come up with an irule to redirect  clients to a pardon via http when there no active servers in the pool. The pardon page exists on a pardon webserver that handles pardon pages for various applications.  e.g. http://pardonserver/application_name &nbsp;
&nbsp;Since I cannot use HTTP:redirect, is there another way to do this. &nbsp;
&nbsp;Thank you -Jim. &nbsp;&nbsp;

hooleylist · Answer

Hi Jim, 
&nbsp;  
&nbsp; http://devcentral.f5.com/wiki/default.aspx/iRules/HTTPS_passthrough_fallback_URL.html 
&nbsp;  
&nbsp; This iRule allows an administrator to pass HTTPS traffic through the BIG-IP wtihout decrypting it. If there are no nodes available in the pool, the rule will use a client SSL profile and HTTP profile to decrypt the HTTPS and issue a redirect to a maintenance page. 
&nbsp;  
&nbsp; The iRule depends on having the SSL certificate and key imported to the BIG-IP, configured in a client SSL profile and attached to the virtual server. An HTTP profile must also be associated with the virtual server. The virtual server and pool would typically be configured for HTTPS on port 443. 
&nbsp;  
&nbsp; Aaron

jim_24689 · Answer

Thank you Aaron! &nbsp;

Forum Discussion

HTTPS pass thru config needs maintenance page

2 Replies

Recent Discussions

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Enabling AVR and creating Profiles

Get associated pool name from VIP IP using F5-LTM

Disacard SSL::cert mode to ignore when default SSLClient profile is set to request or require

Related Content

iRule HTML Maintenance Page insert URI Value

virtual server config

iRules Recipe 4: Static Maintenance Page

Config NGINX to F5

Alteon Config Converter