Forum Discussion

Hawary's avatar
Hawary
Icon for Nimbostratus rankNimbostratus
Dec 22, 2019

Multiple subdomains on same public IP with same back end server.

hi guys,

I'm trying to host multiple HTTPS subdomains on same public IP with Wild card certificate and same backend servers. for example, i have this subadomains:

x.domain.com

y.domain.com

z.domain.com

all are hosted with same public IP with wild card certificate. all these applications hosted on same back end server with different ports on it.

i tried by creating an irule like below:

 

when HTTP_REQUEST {

  switch -exact -- [string tolower [HTTP::host]] {

    "x.domain.com" { pool Pool_x }

    "y.domain.com" { pool Pool_y }

"z.domain.com" { pool Pool_z}

default { pool Pool_x }

  }

}

 

and assigned to the virtual server and assigned a client ssl profile with the wild card certificate but it not working as expected. do i miss something here? do i need to use SNI?

 

application delivery
BIG-IP
LTM

6 Replies

Sort By
  • Surgeon's avatar
    Surgeon
    Ret. Employee
    Dec 22, 2019

    What is your VIP config?

    What error do you see on the client side?

    How did you identify that it is not working for you?

  • Hawary's avatar
    Hawary
    Icon for Nimbostratus rankNimbostratus
    Dec 27, 2019

    Hi Surgeon,

    thanks for your reply.

    the VIP config as below:

    destination IP: x.x.x.x

    port : 443

    http profile: default profile

    SNAT: AutoMap

    port translation: enabled

    oneconnect profile: default profile

    pool: none

    persistency: cookie

     

    the error at the user is that no page loaded, it gives page can't be displayed for all the sub-domains.

    it's not working because no application appears, all gives page can't be displayed

    • jaikumar_f5's avatar
      jaikumar_f5
      Icon for MVP rankMVP
      Dec 28, 2019

      Can you share the curl output of it, run it from F5 bash.

      curl -kv https://x.domain.com

      If required, try with the VIP too and pass host header in it as well.

      • Hawary's avatar
        Hawary
        Icon for Nimbostratus rankNimbostratus
        Dec 31, 2019

        Hi Jaikumar,

        i will try this command and update here but how you can pass the host header?

  • SWJO's avatar
    SWJO
    Icon for Cirrostratus rankCirrostratus
    Dec 30, 2019

    Hi

     

    Did you configured server-ssl profile?

    • Hawary's avatar
      Hawary
      Icon for Nimbostratus rankNimbostratus
      Dec 31, 2019

      Hi SWJO,

      why we need to configure server-ssl profile? the communication between the F5 and the back end server will be on the ports used by the applications like 80 or 8080.