Simple VS to Redirect LoadMaster's own Admin Web UI HTTP traffic to HTTPS


Hi, i'm new to LoadMaster but i've been able to successfully setup a Hyper-V virtual appliance and configured one HTTP/HTTPS virtual service with port 80 redirection, two real servers, re-encryption, etc. 


My question is about the Admin Web UI traffic... I know that OOTB the LoadMaster Admin Web UI is NOT reachable via HTTP... you must connect to HTTPS://my.ip.addr.ess

So I created a simple virtual service to redirect traffic from LoadMaster's Admin Web UI port 80 to port 443 and I am now able to type in the browser and be automatically redirected to https...

My concern is whether this is advisable to do.

Assume the following config:

  • the virtual appliance has only one interface/IP
  • is configured in DNS and points to LM's IP.
  • I've replaced the Administrative SSL cert for the Admin Web UI with one that was generated by my internal Certificate Authority

It's all working nicely, i'm just concerned whether this setup can create any issues i'm not aware of.


thanks in advance.



Tony Vaughan

Hello Seb,

I believe you already highlight the extra steps needed,
my main points to be aware of would be

1. the client would see the redirect, depending on the client's browser security it may complain about this
this isn't an issue more than it is an annoyance

2. by default the LoadMaster will present its own cert which would be different from the FQDN that you use and would show a security warning,
you mentioned that you have already changed the cert so this is not an issue

3. depending on your environment, security scans against the LoadMaster may highlight that HTTP port 80 is opened
please see this link for more details



Thank you for the reply Tony.

duly noted..

i was a bit worried because if HTTPs is a requirement, then (maybe) one might expect the appliance to automatically redirect Admin UI clear-text traffic to HTTPS right OOTB.

I thought, perhaps there is a reason that the vendor didn't do this at the factory, so i was concerned whether the reason had anything to do with some type of network failure or vulnerability this configuration might unveil on the appliance.

just checking.

thanks again for replying.