VMware Networking Community
vmmedmed
Enthusiast
Enthusiast
‎01-03-2017 05:21 PM
Jump to solution

NSX Load Balancer: Changing requests to http://foo.com to https://foo.com

The documentation and HA Proxy guide seem to be showing me to many use cases. I just have the very simple case

where I have a Virtual Server setup for https://foo.com. But in the event that someone happens to type in http://foo.com

I want direct them to https://foo.com. What are the minimum number of statements in an Application Rule in order

to be able to accomplish this? Thank you.

The example int he documentation is below. But that looks to me like it's more than I need.

HTTP/HTTPS redirection based on condition

An application profile allows you to specify HTTP/HTTPS redirection, which always redirects traffic regardless of the request URLs. You also have the flexibility to specify the conditions in which HTTP/HTTPS traffic should be redirected.

move the login URL only to HTTPS.

acl clear dst_port 80

acl secure dst_port 8080

acl login_page url_beg /login

acl logout url_beg /logout

acl uid_given url_reg /login?userid=[^&]+

acl cookie_set hdr_sub(cookie) SEEN=1

redirect prefix https://mysite.com set-cookie SEEN=1 if !cookie_set

redirect prefix https://mysite.com if login_page !secure

redirect prefix http://mysite.com drop-query if login_page !uid_given

redirect location http://mysite.com/ if !login_page secure

redirect location/ clear-cookie USERID= if logout

NSX 6 Documentation Center

Reply
0 Kudos
1 Solution

Accepted Solutions
bayupw
Leadership
Leadership
‎01-03-2017 07:30 PM
Jump to solution

There are 2 options

Option 1: Use Application Profile

     - Create application profile type HTTP, put HTTP Redirect URL as: https://foo.com

     - Edit Virtual Server and apply the Application Profile

This option can redirect to different URL e.g. from http://foo.com to https://newfoo.com

Option 2.

     - Create Application Rule as below to redirect HTTP request to the same URI but HTTPS

          redirect scheme https if !{ ssl_fc }

     - Edit Virtual Server and apply the Application profile


These 2 options are documented in the NSX 6.2 LB configuration examples here: NSX-6.2 - LB configuration examples

option1.PNGoption2.PNG

Bayu Wibowo | VCIX6-DCV/NV
Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
https://github.com/bayupw/PowerNSX-Scripts
https://nz.linkedin.com/in/bayupw | twitter @bayupw

View solution in original post

Reply
0 Kudos
2 Replies
rajeevsrikant
Expert
Expert
‎01-03-2017 07:10 PM
Jump to solution

Below blog explains the configuration how to achieve redirection from http://<URL> to https:<URL>

http://www.virtually-limitless.com/vcix-nv-study-guide/create-modify-and-remove-an-application-profi...

Let me know if this is useful & it works for your scenario.

Reply
bayupw
Leadership
Leadership
‎01-03-2017 07:30 PM
Jump to solution

There are 2 options

Option 1: Use Application Profile

     - Create application profile type HTTP, put HTTP Redirect URL as: https://foo.com

     - Edit Virtual Server and apply the Application Profile

This option can redirect to different URL e.g. from http://foo.com to https://newfoo.com

Option 2.

     - Create Application Rule as below to redirect HTTP request to the same URI but HTTPS

          redirect scheme https if !{ ssl_fc }

     - Edit Virtual Server and apply the Application profile


These 2 options are documented in the NSX 6.2 LB configuration examples here: NSX-6.2 - LB configuration examples

option1.PNGoption2.PNG

Bayu Wibowo | VCIX6-DCV/NV
Author of VMware NSX Cookbook http://bit.ly/NSXCookbook
https://github.com/bayupw/PowerNSX-Scripts
https://nz.linkedin.com/in/bayupw | twitter @bayupw
Reply
0 Kudos