BIGIP/LTM 11.2.1, RSA, APM, & OWA for Exchange 2013

Question

We are still working with some basic authentication issues by my exchange guy wants to know how to configure to only aks for authentication on one url and let the others pass through. I have very limited training or experience with F5 or the command line. ANy help will be appreciated.&nbsp;
This is how the agent running on the old exchange server works today.&nbsp;
When user goes to Http://email.rjrt.com or Https://email.rjrt.com , redirect user to Https://email.rjrt.com/owa&nbsp;
When user goes to Https://email.rjrt.com/owa or Https://email.rjrt.com/ecp , challenge user for RSA credentials&nbsp;
If user goes to any of these links, just pass them thru with NO RSA challenge https://email.rjrt.com/ECP https://email.rjrt.com/EWS/Exchange.asmx https://email.rjrt.com/Microsoft-Server-ActiveSync https://email.rjrt.com/OAB &nbsp;

yann_desmarest · Answer

you can use the following irule :
when HTTP_REQUEST {
 switch -glob [HTTP::uri] {
  "/ECP*" -
  "/EWS/Exchange.asmx*" -
  "/Microsoft-Server-ActiveSync*" -
  "/OAB*" { ACCESS::disable } 
  default { ACCESS::enable }
 }
}

You add this irule and your access policy to your Virtual Server and it should disable authentication for specified URI.

Forum Discussion

BIGIP/LTM 11.2.1, RSA, APM, & OWA for Exchange 2013

1 Reply

F5 Architecture Track Sessions - AppWorld 2026

Recent Discussions

2026 301a exam

VIP is not responding on SYN after enabling other modules like ASM, APM and AFM.

VIP in https that redirect to another vip in https

F5OS login with admin/root failed via console

UCS Encryption Question

Related Content

F5 Bigip LTM NAT64 config

Exchange 2016

Technical Impacts of Open Banking and Financial Data Exchange on Financial Systems

Exchange 2019

The Business Partner Exchange - An F5 Distributed Cloud Services Demonstration

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS