Exchange 2016 using N-Path Outlook Connection Issues

Hi all,

 

Our Security Team have a requirement to see the real client IP in the email logs for Exchange 2016. We were previously using SNAT with no issues however it was not possible to get the client IP into the logs.

 

We've deployed a new VIP using the N-Path iApp and configured the Loopback Adaptors and pre-requisite ARP settings on each of the adaptors.

 

The VIP is configured without persistence (pool is using Round Robin) and I've setup a check using the Outlook anywhere server health check.

 

The solution is working well for the most part, however Outlook clients are experiencing issues where they show up as connected to Exchange however they are unable to send/receive emails until Outlook is closed and opened again.

 

It seems like a timeout issue or something similar and whatever is happening the client doesn't really seem to be aware of it. I've tried increasing the timeout on the iAPP from 51 seconds, to 180s, 300s, up to 15 minutes or so.

 

I wondered if there was any guidance for Exchange with regards to various timeouts for N-Path as documentation is pretty limited. I've seen some questions referring to LDAP that talk about 2 hour + TTL on the N-Path but the iApp hints that this should not be required as this timeout only covers the initial client connection.

 

Any help/guidance would be greatly received.

 

Kind Regards Spencer