cancel
Showing results for 
Search instead for 
Did you mean: 

Can not Access Mail Exchange (443) when Enabled Policy ASM but in mode Transparent

Pham_Khoa
Nimbostratus
Nimbostratus

Hi all Specialist, Expert,

Today i have a problem when transfer Traffic Mail to F5: POP3S, IMAP4S, SMTPS, HTTP-Based (owa, autodiscover...)

Our module enabled is:

  • LTM: Using least connections, caching, compress, datasafe...
  • AWAF: We using Policy with Mode Transparent

When we enable Application the AWAF Policy for the Virtual Server, then we can access Mail through Web Browser, POP3, IMAP but with Outlook user can not login (Always trying to reconnect)

If we disabled the AWAF Policy, it works well.

 

Does anyone know this issue or have some ideas please share and provide me

Thank you so much

4 REPLIES 4

Ivan_Chernenkii
F5 Employee
F5 Employee

Hello Pham,

Do you mean that you don't have access from Outlook application (not from browser)?

If yes, then to make application work you need to enable "Mobile Applications" in Bot profile or DoS profile (depends on version of BIG-IP) and attach appropriate profile to VS.

Thanks, Ivan

Pham_Khoa
Nimbostratus
Nimbostratus

Hi Ivan,

Thansk for you advice.

The problems is when i use Outlook, Exchange i can not access.

I access normally with Web browser ...

When i enable Bot Profile and DOS Profile, it's ok

But when i enable Application Security Policy, its fail 0691T000008tOpoQAE.png

Ivan_Chernenkii
F5 Employee
F5 Employee

Could you try to enable Mobile Application in Bot profile and try it?

It effects ASM policy too.

Thanks, Ivan

Rahul_Yadav
Cirrus
Cirrus

Is it resolved? if yes please share the workaround.

Facing the same issue.

 

Log /var/log/ts/bd.log:

websocket.c:0266|101 Switching Protocols HTTP status arrived, but the websocket hanshake failed.

websocket.c:0267|Possible reasons are websocket profile isn't assigned on a virtual server or handshake is illegal.

 

applies websocket profile but, not resolved.