Technical Tip: HTTP Virtual Servers not working after upgrade to v7.4.2+

Consider the following configuration working in v7.4.1.

Virtual Server config:

config firewall vip
    edit "test"
        set type server-load-balance
        set server-type http
        set extip 192.168.20.1
        set extintf "port4"
        set extport 443
            config realservers
                edit 1
                    set ip 192.168.10.2
                    set port 443
                    set max-connections 1000
                next
            end
    next
end

After upgrading to v7.4.2 or later, this configuration will no longer work and may cause issues when attempting to access internal servers. This is considered a misconfiguration, since HTTPS traffic should not be handled by an HTTP virtual server.

To resolve the issue, change the server-type to HTTPS or TCP.

config firewall vip
    edit "test"
        set type server-load-balance
        set server-type tcp    (or https)
        set extip 192.168.20.1
        set extintf "port4"
        set extport 443
            config realservers
                edit 1
                    set ip 192.168.10.2
                    set port 443
                    set max-connections 1000
                next
            end
    next
end

Note: 

The real server port must match the server-type. For internal ports different from 443/80, use the TCP server-type.

To change its server-type, the virtual server object must be removed from existing firewall policies. After changing the server-type, reapply the virtual server as the destination to the intended firewall policies and verify that the internal resource is now accessible. See Troubleshooting Tip: Virtual Server Type greyed out.