BIG-IP LTM to Exchange 2010 starttls not working for clients
I have a pair of exchange servers behind a pair of BIG-IP LTM servers. When connecting clients directly to the exchange servers they can connect to SMTP 25 using TLS and send email.
When I point the client to the LTM, The client gets an error saying that a secure connection is not available.
Has anyone got this working?
I have the virtual server setup to pass through any ssl (ie. no clientssl or serverssl ) I have defined persistence using source_addr and I can see some traffic coming into the exch servers
The end game is to get Office 365/FOPE talking inbound to the on premise exchange servers.
FOPE insists on talking on port 25 and securing the session with TLS. The error i see in the Message trace summary goes like this:
In Deferral: 451 4.4.0 Primary target IP address responded with: "451 5.7.3 Must issue a STARTTLS command first." Attempted failover to alternate host, but that did not succeed. Either there are no al
It seems like the F5's are intercepting the STARTTLS commands?