We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Load Balancer ADC

How do I redirect HTTP to HTTPS when using SSL Offloading on my Load Balancer?

  • Type: Knowledgebase
  • Date changed: 10 months ago
Solution #00004460

This solution applies to all Barracuda Load Balancer models 340 and above, running firmware versions 3.1 and above, using the Route Path or Bridge Path deployment with SSL Offloading.

To force all inbound HTTP requests for a service to HTTPS while using SSL offloading on the Load Balancer, two services must be created. One for SSL Offloading and a standard HTTP service with HTTP Redirect enabled (No real servers are needed for the HTTP service).

Begin by setting up the SSL Offloading service on the Basic > Services page of the user interface (Solution #00004406). Next, create an HTTP service using the same VIP and set the HTTP port (typically port 80). Once the service is created, click on the Edit icon next to the Virtual IP address. In the Service Detail window, select Layer 7 - HTTP as the Service Type. A new option will appear below the service type selections, 'Enable HTTP Redirect'. Change the radio button to 'Yes', and save changes. Any request made on HTTP to that virtual IP address will be redirected to HTTPS and the SSL Offloaded service will respond to that request.

Additional Notes:
When the HTTP Redirect is enabled in the Load Balancer by default the Load Balancer will redirect all HTTP requests to the configured VIP on port 443. If your SSL port is not 443, setup the SSL Offloading service normally, specify the desired SSL port you wish to use for the VIP, and configure the servers as per the solution, listening on an HTTP port. Since all HTTP redirects from the Load Balancer will be redirected on port 443, please ensure that your firewall properly forwards all requests for the VIP on port 443 to the desired SSL port configured. 

Link to This Page: