Jump to content
Welcome to our new Citrix community!

How to redirect in responder to a different service group for a given path?

Go to solution Solved by Nicola Campaci,

Recommended Posts

Please help me translate the irule from f5 to the responder:

if { [HTTP::uri] starts_with "/cms" } then {
HTTP::redirect https://[getfield [HTTP::host] ":" 1][HTTP::uri]
pool Portal-7091
} }

I'm just learning NetScaller and I'd appreciate your help :-)

Best regards,


Link to comment
Share on other sites

I don't know anything about f5 but my best guess by looking that, is that this rule does http to https redirect when user requests uri "/cms" and it's only attached to 80/http VIP? If you want to achieve same thing with NetScaler, here you go:

Responder action: "https://" + HTTP.REQ.HOSTNAME + HTTP.REQ.URL
Responder policy: HTTP.REQ.URL.STARTSWITH("/cms")

Link to comment
Share on other sites

@PiotrPWhat is the complete condition of the rule? I think the redirect part of the rule can be converted using responder. 
add responder action rsact_Portal-7091 redirect "\"https://\"+http.REQ.HOSTNAME+http.REQ.URL.PATH_AND_QUERY" -responseStatusCode 302
add responder policy rspol_Portal-7091 "http.REQ.URL.PATH.STARTSWITH(\"/cms\")" rsact_Portal-7091
If there is single condition you can translate using LB VIP, one of port 80, other on port 443. If there are multiple such conditions, you would need CS VIP with corresponding CS policies checking for url path. 


Link to comment
Share on other sites

Thank you very much for your answers!

@Shruti Vijay Dhamale

The principle of irule is to redirect the /cms path to another node port. The nodes servicing the portal operate on port 7090 and the nodes responsible for cms management operate on port 7091. The user enters the VIP address (ports 80/443) and depending on whether it is / or /cms, they are sent to diffrent nodes (pool in f5 or service group in NetScaller ).

It's not a simple redirection from http to https

Best regards,


Link to comment
Share on other sites

  • Solution
Posted (edited)

To do what you want, you have to use the content switching functionality
1) Create non-addressable lb vserver (vip-7090)with service group in port 7090
2) Create non-addressable lb vserver (vip-7091) with service group in port 7091
3) Create cs vserver in port 443 and final service ip
4) Bind the vip-7090 as Default lb vserver, inside the cs
5) Create and bind a CS policy with rule http.REQ.URL.PATH.STARTSWITH(\"/cms\"to the CS vserver with target the vip-7091
At this point you have a service in 443 that does what you want and you can only apply the redirect of 80 to 443




Edited by Nicola Campaci
Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...