Redirect connection in virtual server

Question

I am looking to prevent a HTTPS request that ends in /owa (ie HTTPS://APP.Domain.com/OWA) to access the application (Exchange 2010).  We are preventing using Microsoft Outlook Web Access /OWA from being accessed from outside our environment.  We would like to redirect the request to the approved access portal (ie HTTPS://remote.domain.com).  Once logged into the remote application users can access the Exchange OWA.&nbsp;
&nbsp;The only protocol that will be allowed is Exchange Activesync&nbsp;
&nbsp;I am thinking:&nbsp;
&nbsp; iRule to select pool and persistence for Active Sync.
&nbsp; All other protocol redirected to remote.dot.gov
&nbsp;when HTTP_REQUEST {
&nbsp;    log local0.info "path = [HTTP::path] "
&nbsp;    switch -glob [HTTP::path] {
&nbsp;        
&nbsp;        "/Microsoft-Server-ActiveSync*" {
&nbsp;             Direct all ActiveSync clients to a common pool; use
&nbsp;             HTTP cookie persistence
&nbsp;            persist cookie
&nbsp;            pool Exch2010__single_as_pool&nbsp;
&nbsp;        }
&nbsp;        
&nbsp;        default {
&nbsp;             This final section takes all non ActiveSync traffic 
&nbsp;             and redirect it to remote.dot.gov
&nbsp;            HTTP::redirect https://[https::host][https::uri]
&nbsp;        }
&nbsp;    }
&nbsp;}&nbsp;
&nbsp;I am seeing the problem at the HTTP::redirect line.  How do I configure the redirect line to go to HTTPS://remote.domain.com?&nbsp;
&nbsp;Mike Bednarck&nbsp;&nbsp;

the_bhattman · Answer

Hi Mike, 
       https::host and https::uri do not exist.  Click Here to see the valid commands.   I am assuming that SSL is being terminated at the F5.
  That being said I think you can re-write the statement to the following :   HTTP::redirect "https://[HTTP::host]/[HTTP::uri]" 
 I hope this helps 
 Bhattman

mike_59458 · Answer

Bhattman, 
&nbsp;  
&nbsp; Okay now I don’t understand.  The protocol "/Microsoft-Server-ActiveSync” we want to accept and pass through but redirect everything else to Remote.domain.com (with no extension after the .com).  The pool and persist cookie (in fact the whole IF "/Microsoft-Server-ActiveSync” was pulled from a working iRule. 
&nbsp;  
&nbsp; If the request falls through the "/Microsoft-Server-ActiveSync” then I would like a redirect. 
&nbsp;  
&nbsp; Mike Bednarck &nbsp;

mike_59458 · Answer

Bhattman, 
&nbsp;  
&nbsp; With the 
&nbsp;  
&nbsp; HTTP::redirect "https://[HTTP::host]/[HTTP::uri]"  Do I put the remote.domain.com where the host is? 
&nbsp;  
&nbsp; Mike Bednarck &nbsp;

the_bhattman · Answer

Hi Mike, 
&nbsp;   Yes you can rewrite if you want to be more explicit &nbsp;
&nbsp; HTTP::redirect "https://remote.domain.com/" &nbsp;
&nbsp; Bhattman &nbsp;

austin_geraci · Answer

Hey Mike, just to clarify if you were to use "https://[HTTP::host]/[HTTP::uri]" you're going to redirect to the same host and uri you're currently conected to..... on HTTPS  
&nbsp; Something like that is usefull when you want to redirect http to https traffic...among other things. 
&nbsp;  
&nbsp; Also, there is an extra "/" in there.. though it will probably work you don't need it.. 
&nbsp;  
&nbsp;  &nbsp;

Forum Discussion

Redirect connection in virtual server

5 Replies

Recent Discussions

ASM instance creation

[ASM] - what is "Browser Challange file" ?

[ASM] - HTML5 Cross-Domain Request Enforcement - CLI command

Reverse Proxy Not Behaving

Stable Firmware for F5

Related Content

Integrating SSL Orchestrator with Fortinet FortiGate Virtual Edition as a Virtual Wire

pool members can't connect to another Virtual Server

After applied ASM Policy to Virtual Server, connections will reset with Internal error in log

Create F5 BIG-IP Next Instance on Proxmox Virtual Environment

Anchor Link Redirect