Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

HTTP monitor on the FQDN name of the node not the IP

SOLVED
Go to solution
jda
New Contributor
‎02-01-2021 07:02:AM
‎02-01-2021 07:02:AM

HTTP monitor on the FQDN name of the node not the IP

HI,

 

We have a Pool of HTTPs nodes that only reply if you come with the correct FQDN (let’s say server01.domain.com and server02.domain.com for the example)

Problem is that the included HTTP monitor makes the queries on the corresponding IP (10.0.0.1 and 10.0.0.2) and the server reject the HTTPs query because he only accept request on the a single host header, the FQDN.

 

I know I can force the “host_header” on the HTTP monitor, but unfortunately, there is no way to have a common host header on the backends.


Is the only solution a custom monitor? Did anyone already faces such a problem and have a solution?

0 Kudos
2 ACCEPTED SOLUTIONS

Accepted Solutions
ldarby
Moderator
Moderator
‎02-01-2021 09:58:AM
‎02-01-2021 09:58:AM

Re: HTTP monitor on the FQDN name of the node not the IP

 Hi jda,

 

You would need to use a custom health monitor for this.  Here is a script one of my colleagues already wrote:

#!/bin/bash

export $(echo "[email protected]" | sed -rn 's/--([a-z_]+=[^ ]+)/\1/gp;')
exec curl -sS -D - http://$node:$port$path | head -1 | grep -q '^HTTP/1\.. [234]..'

This uses curl with the pool's node name, which should send the appropriate Host header.

 

Regards,

Laurence

Pulse Secure vADC Support (Acquired by Ivanti)

View solution in original post

jda
New Contributor
‎02-03-2021 02:07:AM
‎02-03-2021 02:07:AM

Re: HTTP monitor on the FQDN name of the node not the IP

Thanks for the help.

We went the python route and I modified the "HTTPS_port-monitor.py" from Juergen Luksch to manage the case and get a little more control.

 

Working great for the moment

View solution in original post

0 Kudos
2 REPLIES 2
ldarby
Moderator
Moderator
‎02-01-2021 09:58:AM
‎02-01-2021 09:58:AM

Re: HTTP monitor on the FQDN name of the node not the IP

 Hi jda,

 

You would need to use a custom health monitor for this.  Here is a script one of my colleagues already wrote:

#!/bin/bash

export $(echo "[email protected]" | sed -rn 's/--([a-z_]+=[^ ]+)/\1/gp;')
exec curl -sS -D - http://$node:$port$path | head -1 | grep -q '^HTTP/1\.. [234]..'

This uses curl with the pool's node name, which should send the appropriate Host header.

 

Regards,

Laurence

Pulse Secure vADC Support (Acquired by Ivanti)
jda
New Contributor
‎02-03-2021 02:07:AM
‎02-03-2021 02:07:AM

Re: HTTP monitor on the FQDN name of the node not the IP

Thanks for the help.

We went the python route and I modified the "HTTPS_port-monitor.py" from Juergen Luksch to manage the case and get a little more control.

 

Working great for the moment

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.