This article describes how to configure redirect URL on ADC virtual server when virtual server is not available.
You can configure an HTTP or HTTPS virtual server with a redirect URL. This URL is sent as a response to the client HTTP or HTTPS request if the virtual server is not available. The common usage of this option is to direct the client to a customized “Site Down” web page or to an external backup website. However, this feature is not applicable for the non-HTTP or non-HTTPS protocols.
If the state of the virtual server is DOWN or DISABLED, then the ADC appliance responds to HTTP(S) requests with the HTTP/1.x 302 – Object Moved response code and the configured redirect URL specified in the Location header of the HTTP response. The exact URL specified in the response depends on the following configuration options:
If the configured redirect URL only contains the domain name, such as http://www.sample1.example.com, the redirect URL specified in the HTTP response appends the Uniform Resource Identifier (URI) specified in the HTTP request to the configured domain name. For example, if the request contains the GET http://www.sample2.example.com/images/site_nav.gif header, then the Location header in the redirect response specifies the Location: http://www.sample1.example.com/images/site_nav.gif header.
Note: The domain names in the request and response can differ. In this article, the two domains are referred to as sample1.example.com and sample2.example.com to explain the concept.
If the configured redirect URL contains a complete path, then the redirect response specifies the complete configured URL, irrespective of the URI in the request. For example, the following are such URLs:
Requested URL – http://www.redirect.com/en/index.html
Redirect URL – http://www.redirect.com/en/site_down.html
The following table illustrates the preceding configuration options:
|Configured Redirect URL||URL in HTTP Request||Header in HTTP Response|
Note: It is worth noting that when configuring a redirect URL, the http://example.com URL is not the same as the http://example.com/ URL because the latter contains the complete path to the web root, /.
The multi-string value “ValidSites” when entered into the registry creates a “whitelist” of URLs to be redirected, but when the key is left in blank, with no URLs or values listed, it will prevent any URLs from redirecting to the client device.
As per http://support.citrix.com/article/CTX106094 “…When specifying sites with the valid sites registry key, all the URLs that are not in the list, open in the server….”
Solution: use MDX app policies to configure the desired outcome. The specific steps listed on this article achieve success.
App URL Schemes can be misunderstood or easily confused sometimes. These steps can help you with configuration problems….
The following details and points will help for you to configure ‘any’ such app appropriately on your server also:
–Secure Web MDX Configuration:
No specific configuration is needed with Secure Web. The following default settings can be used with Secure Web MDX, for the purposes of this example:
App URL schemes:
(For reference, these are those App URL Schemes which Secure Web will register with iOS as being handled by the Secure Web app itself).
(For reference, these are the App IDs and also the App URL Schemes which Secure Web will be allowed to process. One outcome of a process might be that it is simply ‘allowed’. Clicking on a link and seeing it proceed to load is one example of this. For those entries where an ‘=’ symbol is seen, then not only will this action be ‘allowed to process’ but it will also be an action which is ‘passed over to’ or ‘converted in to’ whatever is on the right side of the ‘=’ symbol).
–Secure Mail MDX Configuration:
This is where our solution is used. The following default settings are found:
App URL schemes:
So that the desired outcome be achieved, change ‘Allowed URLs’ to the following:
My understanding is that if you wanted to exempt all URL to do with Windows Updates, you can do that by using the application “Microsoft Update”, which will know of all the URLs involved, This way you dont’ have to do it based on a changing list of URLs.
My question is: If this list of URLs is changed by Microsoft, how does the application “Microsoft Update” stay up to date with the latest URL list and how does the Proxy SG get updated with it.