08-25-2011 11:32 AM
I'm attempting to redirect SSL from the base site to a different page on the same SSL site. I want to redirect https://10.4.16.54/* to https://10.4.16.54/AHC/SitePages/Home.aspx. If I enter https://10.4.16.54/AHC/SitePages/Home.aspx, site loads, but if I enter simply https://10.4.16.54, it times out. The ssl_sharepoint service is my ssl_proxy_list. Thanks for any help.
content Sharepoint_https
flow-timeout-multiplier 10
sticky-inact-timeout 35
vip address 10.4.16.54
application ssl
add service ssl_sharepoint
advanced-balance ssl
url "/*"
port 443
protocol tcp
redirect "/AHC/SitePages/Home.aspx"
active
content Sharepoint_https_redirect
vip address 10.4.16.54
application ssl
advanced-balance ssl
flow-timeout-multiplier 10
sticky-inact-timeout 35
add service ssl_sharepoint
port 443
protocol tcp
url "/AHC/SitePages/Home.aspx"
active
08-25-2011 03:44 PM
Hi Gary,
First off I'll recommend you to clean up the URL and redirect command from your 443 rules, as 443 is encrypted the CSS is not able to look at layer 5 info within the traffic, making this commands useless for these rules.
That being said; since you're using SSL termination your configuration for HTTPS-to-HTTPS redirect would look like this:
content Sharepoint_https
vip address 10.4.16.54
application ssl
advanced-balance ssl
flow-timeout-multiplier 10
add service ssl_sharepoint
port 443
protocol tcp
active
content Sharepoint_https_redirect
vip address 10.4.16.54
port 80
protocol tcp
url "/*"
redirect "https://10.4.16.54/AHC/SitePages/Home.aspx"
active
content Sharepoint_http_Aspx
vip address 10.4.16.54
port 80
advance-balance arrowpoint-cookie
add service Sharepoint-1
add service Sharepoint-2
protocol tcp
url "/AHC/SitePages/Home.aspx"
active
Here I'm assuming that you're not using backend SSL and your clear port is 80
Basically, traffic comes as https://10.4.16.54, hits the encrypted rule that send the traffic to the SSL proxy list for decryption, once decrypted traffic is sent to the clear text content rule, since there's no URI the request matches the rule with the wildcard URL "/*". This rule performs a redirect an indicates to the client to come back this time with the URI described ... process starts all over but this time the request will match the second clear text rule as the URI is more specific.
HTH
__ __
Pablo
08-25-2011 05:01 PM
Thanks much for the code and clarification, Pablo. Exactly what I was trying to accomplish. Thanks, again.
gary
08-25-2011 06:52 PM
Hi Gary,
Glad to be of help
__ __
Pablo
08-26-2011 06:42 AM
One more question. The redirect works great for sharepoint links that explicitly end w/the “Home.aspx”. However, if the underlying link stops w/the directory only, it fails on the content switch, redirecting to the initial home page. If you access the same URL on the server directly, it adds the “Home.aspx” correctly.
Do I need to do a remapping or a different redirect? Any suggestions w/b greatly appreciated. Thanks.
gary
08-26-2011 09:22 AM
Hi Gary,
Can you look within your config for all the rules with VIP 10.4.16.54 and copy/paste them here.
The 3 rules provided should be enough to redirect all the URL's regardless of the URI path.
__ __
Pablo
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide