Here is a standard HTTP monitor that checks whether login page is up and working on the pool members.
[dennis@mifnt1slbgtm03:Active:Standalone] ~ # tmsh list gtm monitor https https.vpn.loginpage.statuscode.new
gtm monitor https https.vpn.loginpage.statuscode.new {
cipherlist DEFAULT:+SHA:+3DES:+kEDH
compatibility enabled
defaults-from https
destination *:*
interval 30
probe-timeout 5
recv "HTTP/1.1 200 OK"
send "GET /dana-na/auth/url_default/welcome.cgi HTTP/1.1\r\nHost: F5-healthcheck.eg.com\r\nConnection: Close\r\n\r\n"
timeout 96
}
Now to test manually we can run a curl command from my awesome macbook pro
USFNTMNSIN9HTDD:~ lztx5g$ curl -I --header 'Host: F5-healthcheck.eg.com' https://employee.vpn.eg.com/dana-na/auth/url_default/welcome.cgi
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Tue, 12 Jan 2021 22:44:24 GMT
x-frame-options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-store
Expires: -1
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
So you can see the response code is as expected with the HTTP/1.1 200 OK
I also check each pool member individually but have to add the –insecure since the SSL Certificate is bound to the FQDN employee.vpn.eg.com so the query to each pool member would like something like this
USFNTMNSIN9HTDD:~ lztx5g$ curl --insecure -I --header 'Host: F5-healthcheck.eg.com' https://192.168.91.229/dana-na/auth/url_default/welcome.cgi
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
Date: Tue, 12 Jan 2021 23:03:23 GMT
x-frame-options: SAMEORIGIN
Pragma: no-cache
Cache-Control: no-store
Expires: -1
X-XSS-Protection: 1
Content-Security-Policy: frame-ancestors 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
and you would run the same command but just change the IP address to the next pool member you want to test against.