Forum Discussion

macf5_119017's avatar
macf5_119017
Icon for Nimbostratus rankNimbostratus
Dec 21, 2012

Best way to redirect http and https to another https site

 

Looking for some assistance/guidance on configuring an iRule that will redirect http and https traffic to our google apps login page. We currently use SAML for our login page but that will be going away soon and I need to setup a redirect for the old login page that points to our new google apps login to cutover. This is to cover those people who bookmarked the SAML login page in their browser.

 

So, I need http://email.example.com and https://email.example.com to go to https://email.google.com/a/example.com. Currently email and a few other cnames redirects to our saml login via the F5.

 

What is the best way to do this?

 

I've already created a virtual server that listens on port 80 and another on port 443 and have created an irule and attached it to these virtual servers as a resource. My irule right now is simply:

 

when HTTP_REQUEST {

 

HTTP::redirect "https://mail.google.com/a/example.com"

 

}

 

 

The redirect works when going to http://email.example.com, but fails when going to https://email.example.com. Strangely enough it works when using http://email.example.com:443. I get a

 

 

Any help would be appreciated as I am new to the platform; perhaps I am going about this all wrong.

 

Thanks!

 

 

application delivery
dev
devops
iRules

3 Replies

Sort By
  • Michael_Yates's avatar
    Michael_Yates
    Icon for Nimbostratus rankNimbostratus
    Dec 21, 2012
    Hi macf5,

    I didn't experience the issue that you did with the redirect not working on HTTPS, but there are several ways you could do this.

    If you will be adding to the number of sites that map to the same Virtual Server you could use a Switch Statement or make the redirect more dynamic. In my example below I made it a Permanent 301 Redirect: 

    
Switch Method:
when HTTP_REQUEST {
switch -glob [string tolower [HTTP::host]] {
"www.website.com" -
"www1.website.com" { HTTP::respond 301 Location "https://[getfield [HTTP::host] ":" 1]/a[HTTP::uri]" }
"www2.website.com" -
"www3.website.com" { HTTP::respond 301 Location "https://[getfield [HTTP::host] ":" 1]/b[HTTP::uri]" }
}
}
Dynamic 301
when HTTP_REQUEST {
HTTP::respond 301 Location "https://[getfield [HTTP::host] ":" 1]/b[HTTP::uri]"
}

    Hope this helps.
  • What_Lies_Bene1's avatar
    What_Lies_Bene1
    Icon for Cirrostratus rankCirrostratus
    Dec 21, 2012
    Do you have a suitable ClientSSL profile and HTTP profile attached to the 443 Virtual Server? Can you post it's configuration? Your rule is spot on and should work.
  • Arie's avatar
    Arie
    Icon for Altostratus rankAltostratus
    Jan 04, 2013

    Wouldn't it be easier to simply configure a CNAME (e.g. mail.company.com) in DNS to point to Google? This is supported by Google Apps.