Forum Discussion
SharePoint SSL-Offloading causes access denied error.
Hi All,
I'm hoping someone might be able to help me as I am now at my wits end with what seems to be a pretty unique problem. I have a sharepoint environment which I have recently set up F5 to in order to control access and act as a load balancer.
Originally my problem was one that has readily been solved by many on this community. It was that when I tried to access the drop down menu for list items I had a constant "Loading..." label appear and no drop down menu. I solved this in the way that many blogs and topics suggested which was to ensure that the "Alternative access mappings" in Sharepoint were set up correctly. These are now set correctly and as they should be but they have revealed a further, slightly more bizarre problem.
Now when I navigate to the website I found I am constantly attempting to reauthenticate, clicking cancel reveals then my default sharepoint page except without any CSS or Javascript applied. After further investigation it seems that when trying to access my CSS files directly (found under _layouts/1033/etc) I constantly get an access denied error.
This only happens when I use the sharepoint site through F5 and to make sure nothing is playing foul with me I have removed my access profile, disabled acceleration and compression, removed all iRules I was previously using and basically stripped it down until all F5 is doing is forwarding me onto the sharpoint pool (which points to port 80). Finally, this doesn't happen if I switch off SSL-offloading (I followed the Sharepoint 2010 document on setting up an iApp based on their templates), without SSL offloading everything just works perfectly..
I wonder - has anybody seen this before or have an inkling as to what the solution may be? I am quite a novice at anything F5 related and this is my first attempt at setting it up. Everything was going swimmingly until I noticed there were no drop downs on list items..
Thanks!
Adem
- What_Lies_Bene1Cirrostratus
Adem,
- ademali_1610NimbostratusHi What Lies Beneath,
- ademali_1610NimbostratusAlso I'm not using one connect, I was originally but have since removed it to see if that could be the cause. I'm running 10.2
- What_Lies_Bene1CirrostratusAdem,
- ademali_1610NimbostratusYeah sorry I meant Cookie Insert and a cookie name is set too. That's a yes for NTLM. There are no non-ssl vips set up and also there is only one pool member at the moment. The only question I'm unable to answer is the Redirect Rewrite option - I'm not sure exactly where this is set?
- What_Lies_Bene1CirrostratusYou're welcome, the Redirect Rewrite option can be found in whichever HTTP Profile is assigned to the Virtual Server.
- ademali_1610NimbostratusAhh I see, thank you; it wasn't set to matching but after setting it it also hasn't solved the issue.
- What_Lies_Bene1CirrostratusOK, well, I can't think of anything else that's missing or misconfigured on the load balancer that might be causing this. I'd suggest you double-check what you've done with the Alternative Access Mappings in the first instance. Beyond that I'm afraid I'm out of ideas.
- ademali_1610NimbostratusI too am at my wits end with this. Nevermind, but thanks for all your help! I'll call F5 support today at some point and see if they can provide any insight into the issue.
- What_Lies_Bene1CirrostratusYou're welcome. I'm sure some future user would be grateful (and I'm interested anyway) if you could post the eventual solution here when it's found please. Cheers
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com