Nimbostratus
I have a VIP on 443 and pool members on port 80
So, am planning to go with use the same vip with port 8080 and same pool with pool 8080.
------
https://10.10.30.45 pool(30.20.40.2:80,30.20.40.3:80)
same: https://10.10.30.45:8080 pool(30.20.40.2:8080,30.20.40.3:8080)
Help me write redirectrule on 443
Cirrostratus
If you define the VIP on the port you want clients to connect to and define the pool members on the ports you want LTM to connect to them on and leave port translation enabled (as it is by default) you don't need an iRule. If you also want LTM to decrypt the client side traffic you'll want to import the SSL cert and key, create a client SSL profile and add it to the VIP. If you want LTM to re-encrypt the server side connection, you would add a server SSL profile as well. The LTM configuration guide on AskF5 has details on these options.
Aaron
Nimbostratus
I have the client SSL on the VIP and everything works fine for https://10.10.30.45 and selecting its pools.
Another request from servr team had come. saying that they need to use the same client cretificate and for a diff port on vip and pool.
So,can we write redirect rule on https://10.10.30.45 as when a request with host https://10.10.30.45:8080 comes redirect to pool(30.20.40.2:8080,30.20.40.3:8080)
Cirrostratus
VIP1: 10.10.30.45:443 -> Pool1: 30.20.40.2:80, 30.20.40.3:80
VIP2: 10.10.30.45:8080 -> Pool2: 30.20.40.2:8080, 30.20.40.3:8080
If both require client side SSL you could add the same client SSL profile to each VIP.
I'm not sure whether you actually want to reply to some requests with a redirect. Can you elaborate on this?
Aaron