Forum Discussion

Cirrostratus

Apr 06, 2016

OWA with APM

Hello, We are implementing OWA with APM for the first time and have a few questions. We are adding an additional F5 layer at the perimeter network and this is where the APM will be confi...

application delivery

BIG-IP

BIG-IP Access Policy Manager (APM)

security

Yann_Desmarest

Cirrus

May 29, 2016

Hi,

for the first question, you can define the VS on the internal F5 as standard with default client and server ssl profiles. It will provide you the ability to add cookie persistence. If you set L4 performance, you should not add any ssl profiles and you need to add source_addr persistence that will not help as the source IP will be the external F5 floating self ip. So, I suggest to opt for the standard VS with SSL bridging (clientssl and serverssl) and add a cookie persistence profile

for the second question, if you configure 2-factor authentication directly on the VPE, you then need to provide username/password creds only to OWA and make everything works smoothly. You have an IP Subnet Check block on the VPE to help you decide if the user should get an extra 2-factor auth or not.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)