Peculiarity rewriting HTTPS in IIS8

Playing with rewrite rules in IIS8 and trying to get it to redirect http request to https, I found that if you have the “require SSL” tickbox selected it will not process your https rewrite rules.

SSL Settings

For reference here’s the rule which worked perfectly once I disabled the require SSL setting.

Rewrite Rule

Or in an easier to copy format here’s the web.config file

Note: It probably exhibits the same behaviour in IIS7 and earlier, I just never bothered to test those, I was only using IIS8.
Here’s the link to IIS rewrite as well for those interested

Configuring a Juniper SRX110 Router

Recently I was configuring a pair of Junipers SRX110s in a cluster configuration and found something that doesnt seem to be documented anywhere else, so I thought I’d share this little gotcha that had me running circles for a little while.

This article http://www.juniper.net/techpubs/en_US/junos12.1/topics/reference/general/chassis-cluster-srx-series-node-interface-understanding.html helpfully gives a table of what the interfaces become when a node is added to the cluster. However it leaves of the SRX110 model.

I, perhaps naively, thought it would behave as per the SRX100 and make the second node fe-1/0/0-7 but it behaves more like the SRX210 and makes the second node fe-2/0/0-7. Explains why I kept getting the error

'fab1' configured wrong interface as fab child

When trying to commit my changes using fe-1/0/5 as a member for fab1. Really wish auto-complete would work at that point of the command would’ve saved me some head banging.

 

When the config is final I’ll paste it up here for reference for anyone else that might be trying to configure one as well.

 

Update: It seems after a bit of work that Cluster mode wont work anyway. There’s several features that aren’t available in cluster mode, and it also looks like Juniper has disabled cluster mode on any JunOS release after 11.2 so you can’t upgrade and get any of the other nice features.

Looks like I’ll end up having to go with 2 separate firewalls and use VRRP and/or routing to make it work with redundancy.