SSL bridging and Exchange 2010 hybrid
Hello, We are attempting to use the exchange hybrid wizard to configure our Exchange 2010 environment for O365 migration. The wizard runs fine, but we are not able to get the MRS proxy working due to our SSL offloading configuration at the F5. We would like to configure the Exchange VIP using SSL bridging - is it as simple as adding a server SSL profile? The CAS servers are listening on 443, and have a valid cert installed. I created a server SSL profile using the same cert as the client SSL profile, and my Outlook client was unable to connect. Is there something I am missing?
Public SSL cert on F5 and Self Signed on Server
Hello Folks, If planning to implement SSL bridging with external cert installed on F5 and backend server uses self signed, would like to know 1) Will clients get an error while accessing the website ? 2) If not, in which case will client get the error as backend server is using self signed cert I think that clients will not get error as both side connections will be independent but just trying to understand the different scenarios.
OneConnect, SSL Bridging and Apache2 server
Hi, I am using config as in subject. Everything works OK, Idle TCP connections are reused. Only problem is that Apache2 server is closing TCP connection with SSL session after 20s when no traffic is reaching server. That is not related to Keep-Alive settings on BIG-IP or Apache2 server, the same settings are used for HTTP traffic and all timeouts on BIG-IP or server are respected, idle connection is closed after 298s (Keep-Alive Timeout set on Apache2 server). Verified by trace - server is sending FIN-ACK to BIG-IP. So it seems that there is some SSL related timeout used by Apache2 - problem is I can't find any info how to change it - any help appreciated. PiotrOWA + http profile not working
I need help getting Outlook Web App working. We currently have a test environment with exchange. We have OWA working just fine. The user goes to:https://outlook-test.mycompany.com. The default html on the www root redirects them to https://outlook-test.mycompany.com/owa. Then it hits the OWA app (I presume) and gets redirected to:https://outlook-test.mycompany.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2foutlook-test.mycompany.com%2fowa%2f. That all works fine, but here comes the F5 part. I need to start moving things behind the F5, and the exchange environment is not currently behind the F5. For a separate project I need to setup external access to OWA using F5 APM and SAML. What I’m trying to do is get it working in our test environment without breaking the current OWA access. I can get it working, but once I get into the APM aspect it breaks, so I’m taking a few steps back and trying to figure out what is breaking it. Scenario 1 – THIS WORKS Setup a virtual server using the IIS template. Set up SSL passthrough, point the VIP at the two two CAS/HUB servers. This works! The user goes to:https://outlook-test-f5.mycompany.com. The default html on the www root redirects them to https://outlook-test-f5.mycompany.com/owa. Then it hits the OWA app (I presume) and gets redirected to:https://outlook-test-f5.mycompany.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2foutlook-test-f5.mycompany.com%2fowa%2f. However, to use an access policy I need to have an HTTP profile. When I add an HTTP profile then everything breaks. After doing a little reading I came to the conclusion that if I had an HTTP profile that I needed to do SSL bridging. So I changed it from SSL pass through to SSL bridging and created an SSL client and SSL server profile. Once I add a client and server SSL profile (as well as an HTTP profile) I hit the F5 and it looks like I’m getting the “root” redirect to /owa, but (see step 2 above) but then I never get the next redirect to /owa/auth/logon.aspx… I know little to nothing about OWA. Not sure why I can get this to work without the HTTP profile doing SSL passthrough, but then break it as soon as I start doing SSL bridging. Thoughts?