Edge Security Pack (ESP) Custom Port

Scope

If a situation arises where a client has a custom port appended to the FQDN/URL, for example, https://mail.kemptest.com:8080, you will need to remove the custom port before it gets processed or passed to the ESP engine. Otherwise you will end up in an authentication loop because the Authentication Cookie is stripped. 

Solution

To overcome this behavior, create a content rule to remove :8080. You need one SubVS where your ESP production traffic is forwarded. The Content Rule will be applied on the top-level Virtual Service.

Configuration

1. Create the content rule

In the LoadMaster Web User Interface (WUI), go to Rules & Checking > Content Rules > Create New.

Match String =   /^.*(.*)/

Remove8080_content_rule.png

 2. Apply the content rule

Virtual Services > View/Modify Services > Modify > Advanced Properties > Show Header Rules > Request Rule > Apply Remove8080 rule. The rule is applied on the top-level Virtual Service.

 

3. Create the SubVS

In the WUI, go to Virtual Services > View/Modify Services > Modify > Real Servers > Add SubVS and name it accordingly. First, remove any Real Servers that are assigned to the top-level Virtual Service. Configure the SubVS as if it were a regular Virtual Service by enabling and configuring ESP, adding Real Servers, Scheduling Methods etc...

 

Was this article helpful?

0 out of 0 found this helpful

Comments