For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Stefan_Klotz's avatar
Stefan_Klotz
Icon for Cumulonimbus rankCumulonimbus
Jun 15, 2015

In the meanwhile I found out that the issue seems to be related to our overall network design.

 

Sorry that I don't mentioned this before, but we have to BIG-IPs in the traffic path. One in the Intranet, which hosts the "real" Exchange LTM configuration and another one in the DMZ, which acts just as reverse proxy, but handles all the APM stuff. Means the DMZ-LB forwards the traffic to the VS of the Intranet-LB.

 

I now reconfigured this and put all the LTM logic for Exchange on the DMZ-LB as well. With this setup it's working now (with this start URI "/owa/auth/logon.aspx?url=https%3a%2f%2f%2fowa%2f&reason=0"). Any idea what's the reason for this, because I still prefer to have the LTM logic only in place ones (due to inconsistency risks).

 

The only small issue I'm currently seeing is, when I logout from OWA I'm not getting redirected to the APM logon page, but ending on the OWA logon page. Is this related to the "Logout URI Timeout" value, because I see that the APM session is not deleted immediately.

 

Thank you!

 

Ciao Stefan :)