Chad_103287
Apr 28, 2009

OCS 2007 R2 and Reverse Proxy

Is anyone using their LTM to reverse proxy the address book lookup in OCS 2007 R2?

I think I have all the settings correctly mapped out; however, traffic is not routing correctly to my OCS pool servers.

I am terminating SSL at the vip and have a pretty vanilla config.
  • Has anyone been able to accomplish this? I've heard it can be done but I haven't seen the necessary steps required published anywhere on the web. If you have accomplished this please post back.

    Thanks,

    Dan

  • Dayne_Miller_19
    Historic F5 Account
    Although F5 has not tested BIG-IP LTM as a component for an OCS 2007 (or 2007 R2) reverse proxy, we're investigating using it in that way for Lync 2010, which should be substantially similar.

    Some things to remember:

    If you terminate SSL, you need to make sure you have a certificate with a correct Common Name and the various SubjectAlternativeName entries.

    You'd also need to re-encrypt (e.g. apply a serverssl profile), and forward to the pool virtual server. In Lync, you need to make sure that forwarded traffic is switched to port 4443 (not 443); I'm not sure if OCS 2007 uses 443 or 4443 off the top of my head.

    You might try this with a Performance L4 virtual first, not doing SSL decryption. You're just basically using LTM as a router in that case, but you can make sure traffic is going where you expect and that OCS/Lync is properly terminating and accepting it. Once you have that, switch to Standard with a clientssl and serverssl profile.

    That should be all you need to do, but I haven't personally looked at this. Please give it a try and report back!
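
The certificate point in the reply above (correct Common Name plus the needed SubjectAlternativeName entries when SSL is terminated at the VIP) can be checked before the certificate is bound to a clientssl profile. The following is an added example, not part of the original thread and not F5 or Microsoft code; the hostnames are constructed placeholders, and it assumes clients apply RFC 6125 name matching.

```python
"""Added example: list the hostnames a certificate's names fail to cover."""


def _labels(name):
    # DNS names compare case-insensitively; ignore a trailing root dot.
    return name.rstrip(".").lower().split(".")


def name_matches(pattern, host):
    """RFC 6125-style match: '*' is honoured only as the whole left-most label."""
    p, h = _labels(pattern), _labels(host)
    if len(p) != len(h):
        return False  # a wildcard never spans more than one label
    if p[0] == "*":
        # Refuse overly broad wildcards such as '*.com'.
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def uncovered_names(common_name, san_dns, required):
    """Return the required hostnames the certificate does not cover.

    Per RFC 6125 the Common Name is consulted only when the certificate
    carries no SAN DNS entries at all, so a correct CN does not rescue
    a certificate whose SAN list is incomplete.
    """
    candidates = list(san_dns) if san_dns else [common_name]
    return [r for r in required
            if not any(name_matches(c, r) for c in candidates)]


# Constructed hostnames (assumptions, not taken from the thread).
REQUIRED = ["ocsrp.example.com", "abs.example.com"]

if __name__ == "__main__":
    cases = {
        "CN only": ("ocsrp.example.com", []),
        "SAN missing abs": ("abs.example.com", ["ocsrp.example.com"]),
        "SAN complete": ("ocsrp.example.com", list(REQUIRED)),
        "wildcard SAN": ("example.com", ["*.example.com"]),
    }
    for label, (cn, sans) in cases.items():
        missing = uncovered_names(cn, sans, REQUIRED)
        status = "OK" if not missing else "missing: " + ", ".join(missing)
        print(f"{label:16} -> {status}")
```

Feed it the CN and DNS SAN values read from the certificate and the list of external names clients will actually connect to; any name it returns will produce a certificate name mismatch at the virtual server.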