Application Delivery (ADX)

Reply
Contributor
Posts: 25
Registered: ‎05-04-2009

Force mgmt via HTTPS not HTTP

Is there any way to force users to use HTTPS instead of HTTP talking about the WebGUI? A redirect from HTTP to HTTPS would be cool.

Super Contributor
Posts: 316
Registered: ‎05-01-2009

Re: Force mgmt via HTTPS not HTTP

This is not possible with the GUI so far. All you could do it to disable HTTP access via

no web-management http

but to keep https enabled. Users could use the https://a.b.c.d/homelink to access https directly without the “intro” page.

Another option (a really strange one) would be to access a virtual server as management destination with a redirect to the SIs own IP – this could look like the following doing it for HTTP only (HTTPs would require SSL offload):

Csw-rule r1 url exists

Csw-policy p1

  Match r1 redirect 192.168.5.1 /home 443

Server real dummy a.b.c.d

  Port http

Server virtual vs-mgmt-dummy 192.168.5.222

  Port http csw-policy p1

  Port http csw

  Bind http dummy http

Ip address 192.168.5.1 255.255.255.0

Access to virtual server 192.168.5.22 via port http is going to send a redirect out to port 443 of the ServerIrons own IP address… this would work but it is a bit strange and you need at least a single dummy server (you might want to disable health checking for the dummy server). Just a thought...

Contributor
Posts: 25
Registered: ‎05-04-2009

Re: Force mgmt via HTTPS not HTTP

Is it the same talking about L3/PREM code? It looks like your example is based on L2 code due to the fact that you are using "ip address ..." as global command.

Super Contributor
Posts: 316
Registered: ‎05-01-2009

Re: Force mgmt via HTTPS not HTTP

You are right - my example is a L2 configuration. It is the same using L3/prem code except that you are doing the redirect to one of the VE ip addresses.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook