Product Documentation

Rewriting Ports and Protocols for HTTP Redirection

Aug 31, 2016

Virtual servers and the services that are bound to them may use different ports. When a service responds to an HTTP connection with a redirect, you might need to configure the NetScaler appliance to modify the port and the protocol to make sure that the redirection goes through successfully. You do this by enabling and configuring the redirectPortRewrite setting.

This setting affects only HTTP and HTTPS traffic. If this setting is enabled on a virtual server, the virtual server rewrites the port on redirects, replacing the port used by the service with the port used by the virtual server.

If the virtual server or service is of type SSL, you must enable SSL redirect on the virtual server or service. If both the virtual server and service are of type SSL, enable SSL redirect on the virtual server.

The redirectPortRewrite setting can be used in the following scenarios:

  • The virtual server is of type HTTP and the services are of type SSL.
  • The virtual server is of type SSL and the services are of type HTTP.
  • The virtual server is of type HTTP and the services are of type HTTP.
  • The virtual server is of type SSL and the services are of type SSL.
Scenario 1: The virtual server is of type HTTP and services are of type SSL. SSL redirect, and optionally port rewrite, is enabled on the service. If port rewrite is enabled, the port of HTTPS URLs is rewritten. HTTP URLs from the server are sent as is to the client.

Redirect URL from the Server

Redirect URL sent to the Client

Only SSL redirect is enabled. The virtual server can be configured on any port.

http://domain.com/

http://domain.com/

http://domain.com:8080/

http://domain.com:8080/

https://domain.com/

https://domain.com/

https://domain.com:444/

https://domain.com:444/

SSL redirect and port rewrite are enabled. The virtual server is configured on port 80.

http://domain.com/

http://domain.com/

http://domain.com:8080/

http://domain.com:8080/

https://domain.com/

https://domain.com/

https://domain.com:444/

https://domain.com/

SSL redirect and port rewrite are enabled. Virtual server is configured on port 8080.

http://domain.com/

http://domain.com/

http://domain.com:8080/

http://domain.com:8080/

https://domain.com/

http://domain.com:8080/

https://domain.com:444/

http://domain.com:8080/

Scenario 2: The virtual server is of type SSL and services are of type HTTP. If port rewrite is enabled, only the port of HTTP URLs is rewritten. HTTPS URLs from the server are sent as is to the client.

Redirect URL from the Server

Redirect URL sent to the Client

SSL redirect is enabled on the virtual server. The virtual server can be configured on any port.

http://domain.com/

https://domain.com/

http://domain.com:8080/

https://domain.com:8080/

https://domain.com/

https://domain.com/

https://domain.com:444/

https://domain.com:444/

SSL redirect and port rewrite are enabled on the virtual server. The virtual server is configured on port 443.

http://domain.com/

https://domain.com/

http://domain.com:8080/

https://domain.com/

https://domain.com/

https://domain.com/

https://domain.com:444/

https://domain.com:444/

SSL redirect and port rewrite are enabled. The virtual server is configured on port 444.

http://domain.com/

https://domain.com:444/

http://domain.com:8080/

https://domain.com:444/

https://domain.com/

https://domain.com/

https://domain.com:445/

https://domain.com:445/

Scenario 3: The virtual server and service are of type HTTP. Port rewrite must be enabled on the virtual server. Only the port of HTTP URLs is rewritten. HTTPS URLs from the server are sent as is to the client.

Redirect URL from the Server

Redirect URL sent to the Client

The virtual server is configured on port 80.

http://domain.com/

http://domain.com/

http://domain.com:8080/

http://domain.com/

https://domain.com/

https://domain.com/

https://domain.com:444/

https://domain.com:444/

The virtual server is configured on port 8080.

http://domain.com/

http://domain.com:8080/

http://domain.com:8080/

http://domain.com:8080/

https://domain.com/

https://domain.com/

https://domain.com:445/

https://domain.com:445/

Scenario 4: The virtual server and service are of type SSL. If port rewrite is enabled, only the port of HTTPS URLs is rewritten. HTTP URLs from the server are sent as is to the client.

Redirect URL from the Server

Redirect URL sent to the Client

SSL redirect is enabled on the virtual server. The virtual server can be configured on any port.

http://domain.com/

http://domain.com/

http://domain.com:8080/

http://domain.com:8080/

https://domain.com/

https://domain.com/

https://domain.com:444/

https://domain.com:444/

SSL redirect and port rewrite are enabled on the virtual server. The virtual server is configured on port 443.

http://domain.com/

http://domain.com/

http://domain.com:8080/

http://domain.com:8080/

https://domain.com/

https://domain.com/

https://domain.com:444/

https://domain.com/

SSL redirect and port rewrite are enabled on the virtual server. The virtual server is configured on port 444.

http://domain.com/

http://domain.com/

http://domain.com:8080/

http://domain.com:8080/

https://domain.com/

https://domain.com:444/

https://domain.com:445/

https://domain.com:444/

To configure HTTP redirection on a virtual server by using the command line interface

At the command prompt, type:

set lb vserver <name> -redirectPortRewrite (ENABLED | DISABLED)

Example

set lb vserver Vserver-LB-1 -redirectPortRewrite enabled

To configure HTTP redirection on a virtual server by using the configuration utility

  1. Navigate to Traffic Management > Load Balancing > Virtual Servers.
  2. Open the virtual server, and in the Advanced Settings pane, click Traffic Settings, and then select Rewrite.

To configure SSL Redirect on an SSL virtual server or service by using the command line interface

At the command prompt, type:

  • set ssl vserver <vServerName> - sslRedirect (ENABLED | DISABLED)
  • set ssl service <serviceName> - sslRedirect (ENABLED | DISABLED)

Example

set ssl vserver Vserver-SSL-1 -sslRedirect enabled 
set ssl service service-SSL-1 -sslRedirect enabled

To configure SSL redirection and SSL port rewrite on an SSL virtual server or service by using the configuration utility

  1. Navigate to Traffic Management > Load Balancing > Virtual Servers, and open the virtual server.
  2. In Advanced Settings, click SSL Parameters, and select SSL Redirect.