Forum Discussion
Altocumulusportal access help!
Hi,
Am new to APM and in the process of migrating our resources from Firepass. My question is, with portal access, im trying to get owa to work...no matter what I try I just get a page cannot be displayed. the url is eg. webmail.site.com which is a virtual server on big ip (port 443) that forwards down to our internal exch fe box (port 80), and the certificate lives on big ip then. Ive set the URI as https://IPofVirtualServer and added the IP of the virtual server as a resource item on port 0 and paths /*
Can anyone help with a pointer?
13 Replies
- Matt_Dierick
Employee
Hi,
First question, why do you use APM with OWA ? Do you want to hide URL ? OWA can work with LTM only.
APM allows you to add pre-auth, for i.e.
In your case, just delete resources in your portal access. Just keep the Application URI. Create a webtop (portal or full), and add the webtop and the portal access to a "Full resource assign" in your VPE.
Hope this help.
cymru81Hi, thanks for the reply.
we use apm with it because it isn't a resource we allow publically!
am I doing this incorrectly then? just trying to replicate firepass?
- Eric_St__John
Have you tried to use the "Create With Template" option for the Portal resource? Do you have DNS servers defined in the BIG-IP? Do the logs show anything of interest?
- Matt_Dierick
You can use APM for that, even if LTM is enough. With APM, you will be able to check the client if you want.
Follow my steps above and let me know if you can access your owa.
Virtual Server is not mandatory if there is only one OWA server in the back_end. Just enter your http://owa.internal.domain.local in Application URI. You can follow Eric's tip and use the template as well.
- cymru81
Hi Matthieu, tried your suggestion, just getting page cannot be displayed...also tried template as well now! :/
- Eric_St__John
Are you getting past authenticating?
If so, do you have SNAT enabled?
Are DNS servers defined in the BIG-IP? From the command-line of the BIG-IP, can you ping the internal DNS name of the OWA instance? What do the /var/log/apm logs show when you attempt access? - cymru81
Hi!
Yep I get to the webtop and cann see resources (network tunnel works fine). DNS is defined in Big IP and I can ping the OWA dns name from command line of big-ip.
we are using auto-map instead of snat, though we do have one snat pool setup for an app.
how do I view /var/log/apm logs can this be done in the web gui?
- Eric_St__John
The easiest way to look through the log would be via the command-line. If you don't have access to the command-line you can get the information from Access Policy>Manage Sessions, then click on the Session ID for your session.
- Matt_Dierick
no, from SSH. tail -f /var/log/apm
If you are able to ping the OWA server, it's a good news. Please try a direct connection from APM to OWA (without going through a virtual server). Change Application URI with the OWA FQDN in back end side - in you portal access object.
- boneyard
MVP
don't know what exactly is your latest status, but if your OWA site is using HTTPS, be sure to have a SSL server profile on the virtual server you use for APM. also check the LTM log /var/log/ltm for any messages related to an SSL issue.
