APM/ASM Exchange ActiveSync Brute Force Protection

MR_Freddy
Nimbostratus

Hi,

We are facing an issue when configuring Brute Force protection for the Exchange ActiveSync service.

We have a virtual server configured with an APM policy and ASM as well.

We tried to bypass ActiveSync from APM to send the traffic of the login page /Microsoft-Server-ActiveSync to ASM to detect the Brute Force attack, but it did not work properly.

We also tried not bypassing ActiveSync from APM and set the "Max user attempts" feature on the AD Auth agent to 3 attempts, but that didn't work either.

Also, AD is configured to lock the account after 5 attempts, and we found that APM didn't force the user to log out after 3 attempts, which led to the account being locked on AD.

At the same time, we can't use the Google CAPTCHA option as per requirements, so any help here? How can we achieve brute force mitigation for ActiveSync when we have APM and ASM on the same virtual server?

1 REPLY

Simon_Blakely
F5 Employee

Because APM functionality in the virtual server is processed before the ASM policy, you need to use a layered virtual to process traffic through ASM before passing it to the APM-configured virtual.

K13315545:  Configuring a BIG-IP ASM virtual server to protect a BIG-IP APM login page with brute fo...