Forum Discussion

Krys_Frankiewic's avatar
Krys_Frankiewic
Icon for Nimbostratus rankNimbostratus
Mar 27, 2015

HTTPS monitoring from ACE to F5

We are migrating from Cisco ACE and so far we can't set up https monitoring. On ACE we have a HTTPS probe as follow: probe https HTTPS-443-wam.ibm interval 10 faildetect 2 passdetect interval 5 passdetect count 1 request method get url /opensso expect status 302 302 header Host header-value "wam.ibm.intralink.bns"

 

On F5 I set monitoring type https: Send String: GET /opensso HTTP/1.0\r\nHost: wam.ibm.intralink.bns\r\nConnection: close\r\n\r\n Receive String: HTTP/1.1 302 OK

 

application delivery
LTM

2 Replies

Sort By
  • StephanManthey's avatar
    StephanManthey
    Icon for MVP rankMVP
    Mar 28, 2015

    Hi Krys,

    your are pretty close.

    Please modify your receive string as follows:

    HTTP/1\.[01] 30[12] (moved|found)

    The evaluation can be done by matching a regular expression.

    So both HTTP/1.0 and HTTP1.1 resposes with status codes of 301 and 302 will be accepted.

    Please do not use "OK" in case you expect a redirect.

    In this case it´s very likely to receive a "Moved" or "Found" optional string to look after.

    I haven´t found a dokumentation, what regex engine is used. But it seems to be configured case insensitive.

    The following receive String will work as well: 
    ^http/1\.[01]\s+30[12]\s+(found|moved)

    (Looks for string "http/1" followed by a literal dot at beginning of line, allows http-version 0 and 1, one or multiple whitespaces, followed by a 301 or 302, one or multiple whitespaces, followed by either "found" or "moved".)

    For testing the cURL available on your BIG-IP will be helpful (forcing HTTP/1.0 by "-0" and to dump the headers only by "-I"):

    curl -k -0 -I -H 'Host: wam.ibm.intralink.bns' 'https:///opensso'

    Thanks, Stephan

    Edited (2015-03-29): Modified to look for a literal dot and added a second regex as receive string.