[f-nsp] http -> https redirect

Anil replicase at gmail.com
Thu Nov 20 12:17:05 EST 2008


Sorry, I know I defined fe-sf1-01 and fe-sf1-02 but only using -02
server in the virtual server... that was intentional, I was just
testing.


> !
> server virtual sfaccess-amer 1.2.3.6
>  port http
>  port http csw-policy "ssl-convergence"
>  port http csw
>  port ssl sticky
>  bind http fe-sf1-02 http
>  bind ssl fe-sf1-02 ssl
> !
>
> On Thu, Nov 20, 2008 at 6:03 AM, Ronald Esveld <ronald.esveld at qi.nl> wrote:
>> Sended him the correct one as well :)
>>
>>
>> Met vriendelijke groet, With kind regards,
>>
>> Ronald Esveld
>> network engineer
>>
>> Qi ict
>> Delftechpark 35-37
>> Postbus 402, 2600 AK Delft
>>
>> T : +31 15 888 0 444
>> F : +31 15 888 0 445
>> E : mailto:ronald.esveld at qi.nl
>> I : http://www.qi.nl/
>>
>> Qi ict evenementen:
>> Qi ict op de http://www.qi.nl/cms/publish/content/showpage.asp?pageid=431
>>
>> -----Oorspronkelijk bericht-----
>> Van: Mischa Peters [mailto:foundry at high5.nl]
>> Verzonden: donderdag 20 november 2008 14:54
>> Aan: Ronald Esveld
>> CC: Anil; foundry-nsp at puck.nether.net
>> Onderwerp: Re: [f-nsp] http -> https redirect
>>
>> That won't work.
>> What happens in this case is that the server will receive an HTTPS
>> request on port 80. They wouldn't know what to do with it.
>>
>> You need something like:
>>
>> csw-policy "p1"
>>  default redirect "*" "*" ssl
>> !
>> server real www1 192.168.0.2
>>  port http
>>  port http url "GET /hc.php"
>>  port ssl
>> !
>> server real www2 192.168.0.3
>>  port http
>>  port http url "GET /hc.php"
>>  port ssl
>> !
>> server virtual www 192.168.0.80
>>  port http
>>  port http csw-policy "p1"
>>  port http csw
>>  port ssl sticky
>>  bind http www1 http www2 http
>>  bind ssl www1 ssl www2 ssl
>> !
>>
>> Mischa
>>
>>> server real bla 1.2.3.4
>>> port http
>>> port http keepalive
>>> port 180
>>> !
>>> server real bla2 1.2.3.5
>>> port http
>>> port http keepalive
>>> port 180
>>>
>>> server virtual blaat 1.2.3.6
>>> port default disable
>>> port ssl sticky
>>> port http sticky
>>> bind ssl bla http bla2 http
>>> bind http bla 180 real-port http bla2 180 real-port http
>>>
>>> That should do it
>>> ROnald
>>>
>>>
>>> Met vriendelijke groet, With kind regards,
>>>
>>> Ronald Esveld
>>> network engineer
>>>
>>> Qi ict
>>> Delftechpark 35-37
>>> Postbus 402, 2600 AK Delft
>>>
>>> T : +31 15 888 0 444
>>> F : +31 15 888 0 445
>>> E : mailto:ronald.esveld at qi.nl
>>> I : http://www.qi.nl/
>>>
>>> Qi ict evenementen:
>>> Qi ict op de
>> http://www.qi.nl/cms/publish/content/showpage.asp?pageid=431
>>>
>>> -----Oorspronkelijk bericht-----
>>> Van: foundry-nsp-bounces at puck.nether.net
>>> [mailto:foundry-nsp-bounces at puck.nether.net] Namens Anil
>>> Verzonden: woensdag 19 november 2008 16:46
>>> Aan: foundry-nsp at puck.nether.net
>>> Onderwerp: [f-nsp] http -> https redirect
>>>
>>> Sorry, for the newbie question. I am not a network engineer, just
>>> supporting something someone else maintains...
>>>
>>>  SW: Version 09.5.02kTD2 Copyright (c) 1996-2003 Foundry Networks,
>>> Inc.
>>>      Compiled on Apr 22 2008 at 17:14:32 labeled as WXM09502k
>>>      (4107327 bytes) from Primary WXM09502k.bin
>>>  HW: ServerIronGT C-Series Switch, SYSIF version 21, Serial #:
>>> Non-exist
>>>
>>>
>>> Is it possible to setup a HTTP -> HTTPS redirect on the LB? I have a
>>> virtual server set as this:
>>>
>>>
>>> Virtual server: host1              Status: enabled  IP: 2.3.4.5
>>>        http -------> fe-sf1-01: 1.2.3.4,  http (Active)
>>>                      fe-sf1-02: 1.2.3.5,  http (Active)
>>>         ssl -------> fe-sf1-01: 1.2.3.4,  ssl (Active)
>>>                      fe-sf1-02: 1.2.3.5,  ssl (Active)
>>>
>>> Thanks,
>>> Anil
>>> _______________________________________________
>>> foundry-nsp mailing list
>>> foundry-nsp at puck.nether.net
>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>>> _______________________________________________
>>> foundry-nsp mailing list
>>> foundry-nsp at puck.nether.net
>>> http://puck.nether.net/mailman/listinfo/foundry-nsp
>>
>>
>



More information about the foundry-nsp mailing list