Jump to content
Welcome to our new Citrix community!

URL Redirection to Alternate URL


Sudhir Bhagat

Recommended Posts

Hi All, 

 

How to redirect to alternate url and on alternate port.

 

Eg :- http://abc.com:7125/login (resolving with IP 10.10.10.100)

 

Redirection to https://123.com:9900/login

 

As of now , we have content switching LTM available with port 7125 , Will this be done through RESPONDER policy.

 

regards

Link to comment
Share on other sites

Hi,

 

You can use URL Rewrite or responder.

 

If you wish to use responder you can try this. You can change the parameter according to your need. 

 

add responder action ACT_URL_Redirect "\"https://123.com:9900/login\"" -responseStatusCode 302

add responder policy POL_URL_Redirect "HTTP.REQ.URL.CONTAINS(\"http://abc.com:7125/login\")" ACT_URL_Redirect

 

Thanks 

Manoj

 

 

Link to comment
Share on other sites

In General:

If you are redirecting users from OLD thing to NEW thing, the NEW thing has to be accessible client side.

User makes a request to X and a responder redirects to Y, client makes new request to Y.

 

If you are making the change where a client connects to X and you ask the ADC to fetch Y server side, then this is usually a REWRITE or other backend change and the client never sees it.

Whether this is done using explicitly rewrite policies OR some soert of frontend vs backend change depends on the nature of the transaction.

 

For your above scenario:

Client request to:   http://abc.com:7125/login (resolving with IP 10.10.10.100) 

needs to be Redirected to: https://123.com:9900/login

 

The redirect implied a responder policy and you would infact need both the new FQDN and port to be resolvable client side.

Since you are also doing http to https, this wouldn't be appropriate with just a rewrite or frontend LB/cs http to backend lb HTTPS (wouldn't fix anything).

 

So to narrow down your scenario:

1) Protocol Change:  Do you need user requests to go from http to https (must be done with responder/redirect)?

2) FQDN Change:  Is the change from abc.com to 123.com supposed to be seen by client or happen completely backend?  This will determine whether responder, rewrite, or other mechanism is needed?

3) PORT Change:  (might be determined by part (1) anyway):  Will user request to http:7125 be redirected to https:443 or https:9900. If the user needs to see the protocol and port change, then your RESPONDER policy with REDIRECT is required and you will need a cs vserver or lb vserver on https:443 or https:9900 (depending on the actual requirement) to be present. Likely this would also require your FQDN Change to be resolvable client side (dns included). 

 

If you can clarify what changes you need client to see and which ones need to happen backend, we can do that, just note:

you really can't do client to vserver HTTP and ADC to backend HTTPS as there would be no client-side encryption.

Whether the client sees the HTTPS:443 or HTTPS:<New Port> and the old vs new name client side would affect options....

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...