For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Chad_103287's avatar
Chad_103287
Icon for Nimbostratus rankNimbostratus
Apr 28, 2009

OCS 2007 R2 and Reverse Proxy

Is anyone using their LTM to reverse proxy the address book lookup in OCS 2007 R2?     I think I have all the settings correctly mapped out, however, traffic is not routing correctly to my ...
microsoft
partner
Dayne_Miller_19's avatar
Dayne_Miller_19
Historic F5 Account
Mar 29, 2011
Although F5 has not tested BIG-IP LTM as a component for an OCS 2007 (or 2007 R2) reverse proxy, we're investigating using it in that way for Lync 2010, which should be substantially similar.

 

 

Some things to remember:

 

 

If you terminate SSL, you need to make sure you have a certificate with a correct Common Name and the various SubjectAlternativeName entries.

 

You'd also need to re-encrypt (e.g. apply a serverssl profile), and forward to the pool virtual server. In Lync, you need to make sure that fowarded traffic is switched to port 4443 (not 443); I'm not sure if OCS 2007 uses 443 or 4443 off the top of my head.

 

 

You might try this with a Performance L4 virtual first, not doing SSL decryption. You're just basically using LTM as a router in that case, but you can make sure traffic is going where you expect and that OCS/Lync is properly terminating and accepting it. Once you have that, switch to Standard with a clientssl and serverssl profile.

 

 

That should be all you need to do, but I haven't personally looked at this. Please give it a try and report back!