Forum Discussion
Adminseg_226054
Nimbostratus
NimbostratusBig-IP LTM+APM OWA with Symantec Enterprise Vault
Greeting everyone,
I used an f5 iApp to configure Exchange (f5.microsoft_exchange_2010_2013_cas.v1.5.1) to publish OWA/active-sync. The pre-authentication is being made though F5 APM moudule and everything is working as expected. We use an SSL profile to both client and server side. Right now We have Enterprise Vault working in the following way:
OWA---(SSL)---> TMG--(NonSSL)---> EnterpriseVault
We created a pool for EnterpriseVault named pool_owa_enterpriseVault in F5 and added the following to the irule "exchange_owa_activeSync_apm_combined_pool_irule7":
"/enterprisevault*" { pool /Common/pool_owa_enterpriseVault COMPRESS::disable CACHE::disable return }
It was supposed to work with this flow: OWA---(SSL)---> Big-IP ------(NonSSL)---> EnterpriseVault but it is doing this: OWA---(SSL)---> F5 -----(SSL)---> EnterpriseVault
I already tried adding SSL::disable serverside but Big-IP always tries to go though port 443 and establish handshake. Enterprise Vault does not use any kind of cipher. Enterprise Vault pool is configured to work on port 80 but still Big-IP tries port 443.
Any help to solve this problem would be very kind.
Best Regards, Ruben
Anand_PrabhuI faced similar issue. There are 2 options
- Apply SSL::disable serverside iRule for “/enterprisevault*” otherwise
- Enable SSL at Enterprise Vault IIS
helpful link - http://itadminguide.com/big-ip-f5-with-symantec-enterprise-vault/
Mulham_171271Have you managed to get this working? I have the same situation, any info would be appreciated.
AneshCirrostratus
- can you provide pool and vip configuration?
- Are the pools listening on 80 or 443?
- Has port translation been enabled on the VIP?
- if ssl re-encryption is not required on the serverside, then ssl serverside profile is not required