Forum Discussion
ca689_1627
Sep 23, 2011Nimbostratus
Exchange 2010 and APM objects
Hello all.
We currently have a single set of LTM virtual server objects set up (created byt he Exchange 2010 template) to provide load balancing for our mutli-member CAS Array. This works g...
Michael_Koyfma1
Sep 23, 2011Cirrus
Best practice would be to enable APM functionality on a separate virtual server and use split DNS. That is, if currently your users go to https://mail.contoso.com, then you'd want to setup that name to resolve to your existing VIP internally and to your newly-created VIP externally. By deploying this you avoid any potential negative interactions with Autodiscover and Kerberos authentication issues internally, conserve APM resources to protect access only for untrusted(external) access, and completely separate internal and external configuration for ease of troubleshooting, change management, and administration.
Regarding 3, I'd still recommend doing your own load-balancing for external users - remember that load-balancing happens on the pool level, not on the virtual server level - so if you point your newly-created virtual server to the same pool of CAS servers, the same load-balancing and metrics would be used - no need to point it to the virtual on the same LTM, it will only slow down the communication process - and you don't want to do that. :)
Hope this works out for you, and please post your feedback on the solution and any further questions that you might have.
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects