Problem Outlook Exchange 2010

Question

Hello.
&nbsp;First of all, sorry for my English.
&nbsp;We've a customer who has a Exchange 2010 service for his users: OWA, RPC, etc.
&nbsp;He has two CAS servers, using Windows NLB technology.
&nbsp;The idea is to migrate to a F5 load balanced service.
&nbsp;I've created all of services following the deployment guide (LTM v11).
&nbsp;All seemed to work fine, but in the end a few Outlook clients didn't work properly: the following message appears -&gt; "Outlook is unable to connect to Exchange server" (something like that).
&nbsp;It's curious because it only fails from some determined PC's; some PC's in the same VLAN work fine. All outlook profiles you create in "the bad PC's" don't work. We changed the IP address and we obtained the same result.
&nbsp;Is it necessary to carry out additional changes of configuration on the CAS servers?
&nbsp;Anyone can help us, please?
&nbsp;Thank you all.&nbsp;

techgeeeg · Answer

Hi Juan, 
&nbsp; Which particular service of Exchange is not working fine with these users???? is it that they open their outlook client and it dosent connect??? or is it outlook any where or else kindly mention. A quick test you may have to check out the certificates and let me know if u r using a chain certificate or single certificate??? 
&nbsp;  
&nbsp; Regards,

juan · Answer

Hi Faisal.
&nbsp;Thanks for your reply.
&nbsp;"is it that they open their outlook client and it 
dosent connect???" Exactly, that's the problem.&nbsp;I'll describe better the situation:
&nbsp;- We have two CAS servers, load balanced as Windows NLB

&nbsp;- The idea is to use F5 LTM as load balancing technology.

&nbsp;- I've set all Exchange services: OWA, Autodiscover, RPC, etc.. 
following the deployment guide: 
http://www.f5.com/pdf/deployment-guides/microsoft-exchange2010-ia
&nbsp;pp-dg.pdf.

&nbsp;- Everything seems to work fine, except that some clients using Outlook 2010 can not connect to exchange server.

&nbsp;- The strange thing is that it always fails from the same computerd.
 From computers on the same VLAN, some fail and others do not.

&nbsp;- We have logged the connections. When using the Outlook 2010 client, always begins with an RPC connection to port 135.

&nbsp;- In the good and correct situation, there are connections to RPC ports 7575 and everything works fine.

&nbsp;- In the bad situation, there are only attempts of RPC connections 
to port 135 and a message appears on the client, something like "Outlook
 can not connect to the Exchange server."

&nbsp;We have seen the following message captured with Network Monitor 
"DCERPC174Bind_ack: call_id: 2 Fragment: Single Unknown result (3), 
reason: Local limit exceeded"

&nbsp;Can you help us? Have you had any similar cases?

&nbsp;Our suspicion is that the problem may be related to any further 
modification to be carried out in the CAS server configuration, 
something related to authentication and FQDN.&nbsp;
&nbsp;When you ask me about certificate, do you mean certifacates installed in F5 or in CAS servers?
&nbsp;Thank you&nbsp;

techgeeeg · Answer

Hi Juan, 
&nbsp; First of all I believe you must have configured the RPC service to use any port not any particular port check this out. If it is already set to any port good if not then make it use any port. Secondly if this doesn't work create the RPC pool separately that is remove it from the iApp and create a VS seperately for RPC and even in that keep the port to any check this out and update. 
&nbsp;  
&nbsp; Regards, 
&nbsp;  &nbsp;

nathe · Answer

Juan 
&nbsp;  
&nbsp; I take it there's no obvious difference between the clients and they're all using the same version of Outlook? Also, on the bad PCs can you telnet to port 135 and 7575 to ensure this works? 
&nbsp;  
&nbsp; I take it if you go direct and bypass the f5 it works? 
&nbsp;  
&nbsp; I'm wondeing if it's a TCP issue and possibly keep-alives? Can you double check what your TCP profile is set up for it's Keep Alive settings, compared to the deployment guide? 
&nbsp;  
&nbsp; This askf5 article may help: http://support.f5.com/kb/en-us/solutions/public/8000/000/sol8049.html and this MS article: http://support.microsoft.com/kb/2535656 
&nbsp;  
&nbsp; Rgds 
&nbsp; N 
&nbsp;  &nbsp;

juan · Answer

Hi Faisal.
&nbsp;I don't understand why RPC service must use any port. We have configured three RPC ports: 135, 7575 and 7576. For most of the users, it works fine.
&nbsp;But, as you say, one of our test has been create a separate Virtual Server, without specifying a port (any), and with members with any as port too, and with Port Translation as enabled and as disabled, without luck. 
&nbsp;We can't see any connections to that virtual server.
&nbsp;Thank you very much.&nbsp;&nbsp;

Forum Discussion

Problem Outlook Exchange 2010

Recent Discussions

MAC address of deleted VS IP address still responsive

Different common name ssl acces 403 forbiddent

dynamic signature detection

DNS HM Probe issue

F5 looses the token for the first call

Related Content

Outlook NTL Authentication

The Business Partner Exchange - An F5 Distributed Cloud Services Demonstration

MS Exchange ProxyNotShell block implemented via iRules

Source_Addr Persistence Problems

Problem with exchange iApp

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS