Forum Discussion

mf5's avatar
mf5
Icon for Nimbostratus rankNimbostratus
Apr 27, 2020

ASM brute force configuration for Exchange EWS

Hello,

 

We want to configure brute force protection on the exchange ews login page https://abc.com/ews/exchange.asmx.

 

When we use in authentication-type HTML and parameters (username&password) in login url, username is not detected and when we test protection it's not working. And it is the same with when we use authentication-type NTLM in the login url, username is not detected and protection is not working.

 

Need help to configure it.

 

Thanks.

application delivery
ASM Advanced WAF
BIG-IP
security

1 Reply

  • boneyard's avatar
    boneyard
    Icon for MVP rankMVP
    May 03, 2020

    how do you determine it is not working?

     

    when you normally go to the page do you get a logon page or just NTLM or HTTP Basic single sign on?

     

    you do SSL offloading if that is required?

     

    which TMOS version? not 11.6 by chance? https://support.f5.com/csp/article/K05113177