Forum Discussion
Big-IP LTM+APM OWA with Symantec Enterprise Vault
Greeting everyone,
I used an f5 iApp to configure Exchange (f5.microsoft_exchange_2010_2013_cas.v1.5.1) to publish OWA/active-sync. The pre-authentication is being made though F5 APM moudule and everything is working as expected. We use an SSL profile to both client and server side. Right now We have Enterprise Vault working in the following way:
OWA---(SSL)---> TMG--(NonSSL)---> EnterpriseVault
We created a pool for EnterpriseVault named pool_owa_enterpriseVault in F5 and added the following to the irule "exchange_owa_activeSync_apm_combined_pool_irule7":
"/enterprisevault*" { pool /Common/pool_owa_enterpriseVault COMPRESS::disable CACHE::disable return }
It was supposed to work with this flow: OWA---(SSL)---> Big-IP ------(NonSSL)---> EnterpriseVault but it is doing this: OWA---(SSL)---> F5 -----(SSL)---> EnterpriseVault
I already tried adding SSL::disable serverside but Big-IP always tries to go though port 443 and establish handshake. Enterprise Vault does not use any kind of cipher. Enterprise Vault pool is configured to work on port 80 but still Big-IP tries port 443.
Any help to solve this problem would be very kind.
Best Regards, Ruben
- Mulham_171271Nimbostratus
Have you managed to get this working? I have the same situation, any info would be appreciated.
- AneshCirrostratus
- can you provide pool and vip configuration?
- Are the pools listening on 80 or 443?
- Has port translation been enabled on the VIP?
- if ssl re-encryption is not required on the serverside, then ssl serverside profile is not required
- Anand_PrabhuNimbostratus
I faced similar issue. There are 2 options
- Apply SSL::disable serverside iRule for “/enterprisevault*” otherwise
- Enable SSL at Enterprise Vault IIS
helpful link - http://itadminguide.com/big-ip-f5-with-symantec-enterprise-vault/
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com