Forum Discussion

ca689_1627's avatar
Icon for Nimbostratus rankNimbostratus
Oct 14, 2011

Activesync and Outlook Web App


Prior to implementing the F5 and the APM into our Exchange 2010 environment, mobile devices use activesync and are able to connect directly to our Outlook Web App URL, sync up to their mailbox and and get their mail. We have since put the F5/APM in place. How can we get activesync to work through the LTM/APM? Do we need to setup a special virtual server with access policies that allow this? Any ideas or help are much appreciated.



3 Replies

  • there is application ready deployment guide which also talks abt the activesync (EAS). There is no need for special VS. You just need to answer the ready application template (pg 12) which will greatly simplifies configuring the BIG-IP system for Microsoft Exchange 2010.





    You must be running BIG-IP version 10.2.1 or higher; version 10.2.2 or higher strongly recommended. If implementing Edge Gateway or APM in conjunction with your BIG-IP LTM deployment, version 10.2.2 is required.



    There are two ways you can configure the BIG-IP system for the Outlook Web App, Outlook Anywhere, ActiveSync, and Autodiscover services:


    - Separate IP addresses/virtual servers for each HTTP service


    - One IP address/virtual server for all HTTP services



    If you are using the BIG-IP Edge Gateway or BIG-IP APM for secure access to Client Access servers, you must use a single IP address. See page 28 for details.



    I also understand there is mobile appl for IOS, Android (Samsung) but do note that BIG-IP Edge Client app does not support client-side checks.



    Link for download of IOS and Android client and portal access





    hope it helps
  • Hello,



    what if we have to create VIP for OWA only and expecting 18000 connection?


    what best practices to be followed.


    If pool members are working on Port 443 only is below parameters are OK.



    Health Monitors - HTTPS


    Pool - Slow Ramp time = 300


    Load balancing method - List connection Member





    1) Append irule



    when HTTP_REQUEST {


    if { ([HTTP::uri] == "/") } {


    HTTP::redirect https://[HTTP::host]/owa/








    2) Active Sync irule



    when HTTP_REQUEST {


    if { [HTTP::header exists "Authorization"] } {


    persist uie [HTTP::header "Authorization"] 7200


    } else {


    persist source_addr







    as we have activesync config for outlook.






    HTTP: X-Forwarded-FOR






    Client SSL - SSL bridging


    Server SSL - SSL bridging


    Persistence - Cookie



    SNAT Pool - 4 SNAT IP's



    Thanks to confirm soon





  • hi,


    in my opinion, you cannot use a cookie persisence, if you use an universal persistence.


    So you have to create a universal cookie, containing the irule with the Authorization header persistence - without the else part.


    And you use the source address as backup persistence.



    You should test it with some logging inside the irule.