CRM - Cross Domain Functionality Through F5
Hi, Our topology looks like this CRM_SERVER := internal.domain.com ^^ F5 := external.domain.com \ Azure plugin/SaaS service We are having issues where the external Azure plugin, in this case Click Dimensions, is raising an authentication exception when processing CRM data. We have the following iRule in place to handle header and payload rewrites. when HTTP_REQUEST { if { [HTTP::header host] eq "crmdev.external.com" } { HTTP::header replace Host "crmdev.internal.com" } Disable the stream filter for all requests STREAM::disable LTM does not uncompress response content, so if the server has compression enabled and it cannot be disabled on the server, we can prevent the server from sending a compressed response by removing the compression offerings from the client HTTP::header remove "Accept-Encoding" } when HTTP_RESPONSE { Rewrite the Location header replacing the internal hostname with the external hostname HTTP::header replace Location [string map -nocase {"crmdev.internal.com" "crmdev.external.com"} [HTTP::header Location]] only do this for text-based responses if { [HTTP::header Content-Type] contains "text" } { establish the stream expression STREAM::expression {@http://crmdev.internal@https://crmdev.external@ @https://crmdev.internal@https://crmdev.external@} STREAM::expression {@crmdev.internal@crmdev.external@} enable stream processing STREAM::enable } } As the F5 is in SSL offload mode, do we need to include anything to handle the HTTP 401 Challenge/Response to the IIS server? Or has anyone experienced similar issues where the F5 acts as the external face for applications on an internal domain?