How to troubleshoot an issue of F5 redirecting Exchange OWA Web address to direct host name of CAS Server

149

Problem is

When you access Outlook Web Access (OWA) as for example https://mail.itadminguide.com, F5 redirects your request to actual CAS server address, https://hubcas1/owa instead of retaining the request URL.

 

Solution is

In you are facing this problem then it means SSL is configured on CAS Server hence choose SSL Bridging in your F5 Exchange iApp template.

It is better that you need to understand these 2 SSL config options available in F5 appliance.

SSL Offload:

Here, SSL is offloaded on F5 appliance and all traffic between client and F5 are encrypted, so decryption happens at F5. Further, the connection between F5 with Exchange CAS Servers are unencrypted.

If you choose SSL Offload option in F5, you must enable “SSL offloading” in Exchange. Follow this Microsoft documentation

https://social.technet.microsoft.com/wiki/contents/articles/1267.how-to-configure-ssl-offloading-in-exchange-2010.aspx

SSL Bridging:

Here SSL is offloaded on F5 appliance hence all traffic between client and F5 are encrypted so decryption happens at F5. But the connection between F5 and Exchange CAS Servers are encrypted as well.

 

If you are confused with which option to choose, SSL Bridging is best in terms of “Security” as Man In The Middle Attack  is possible between unencrypted communication between F5 and Exchange, but getting in between such communication channel is not an easy task for external hacker. On the other hand, SSL Offloading is best in terms of “Performance” as there is no overhead on Exchange servers to perform SSL decryption.

 

·


Related Articles & Comments

Thank you for visiting us. To continue receiving updates, please Subscribe to our Social Media Channels.

Google+
FACEBOOK
RSS
YOUTUBE
Menu Title
%d bloggers like this: