Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

How to remove a custom port for ESP processing

Scope

If a situation arises where a client has a custom port appended to the FQDN/URL, for example, https://mail.kemptest.com:8080, you will need to remove the custom port before it gets processed or passed to the ESP engine. Otherwise you will end up in an authentication loop because the Authentication Cookie is stripped by the browser. 

Solution

To overcome this behavior, create a content rule to remove :8080. You need one SubVS where your ESP production traffic is forwarded. The Content Rule will be applied on the top-level Virtual Service.

Configuration

1. Create the content rule

In the LoadMaster Web User Interface (WUI), go to Rules & Checking > Content Rules > Create New.

Match String =   /^mail.kemptst.com:8080$/

remove_port.png

 2. Apply the content rule

Virtual Services > View/Modify Services > Modify > Advanced Properties > Show Header Rules > Request Rule > Apply Remove8080 rule. The rule is applied on the top-level Virtual Service.

 

3. Create the SubVS

In the WUI, go to Virtual Services > View/Modify Services > Modify > Real Servers > Add SubVS and name it accordingly. First, remove any Real Servers that are assigned to the top-level Virtual Service. Configure the SubVS as if it were a regular Virtual Service by enabling and configuring ESP, adding Real Servers, Scheduling Methods etc...

 

 

ESP Client Certificates

If you're doing ESP Client Certificates then you simply have to add "*" at the end of your "Allowed virtual Hosts". 

 Related KB

Edge Security Pack (ESP) SharePoint Logoff String

 

 


Was this article helpful?
0 out of 0 found this helpful

Comments