Forum Discussion

Nelgin_Nepolean's avatar
Nelgin_Nepolean
Icon for Nimbostratus rankNimbostratus
Feb 14, 2017

How to bypass APM profile if uri is "/rpc/rpcproxy.dll" ?

I was trying to bypass APM part for Outlook Anywhere by adding an iRule. But "ACCESS::disable" is not helping. my intention is to disable APM authentication part and do only Loadbalancing or just forward the traffic to Pool if the uri is /rpc/rpcproxy.dll. I have used iAPP for exchange 2016 configuration. 

when HTTP_REQUEST {
if { ([HTTP::path] eq "/rpc/rpcproxy.dll") and \
(([HTTP::method] equals "RPC_IN_DATA") or ([HTTP::method] equals "RPC_OUT_DATA"))}{
ACCESS::disable
pool OA_pool
log local0. "APM disabled."
} else {
ACCESS::enable 
log local0. "APM enabled."
}
}
application delivery
BIG-IP Access Policy Manager (APM)
exchange 2016
iRules
outlook anywhere
owa 2016

5 Replies

Sort By
  • Nelgin_Nepolean's avatar
    Nelgin_Nepolean
    Icon for Nimbostratus rankNimbostratus
    Feb 15, 2017

    Hi Kees,

     

    Thank you for the response. In log it is showing as disabled however authentication is getting failed for OA. outlook client is prompting for the authentication.

     

    Nelgin.

     

  • KeesvandenBos's avatar
    KeesvandenBos
    Icon for MVP rankMVP
    Mar 09, 2017

    Hi Nelgin,

    Could you remove this from the irule:

    else {
ACCESS::enable 
log local0. "APM enabled."
}

    Cheers,

    Kees

  • Cory_O's avatar
    Cory_O
    Icon for Cirrus rankCirrus
    Apr 06, 2017

    I "think" your issue might be that you're using eq instead of "starts_with" for the URI in question.

    Try setting your second line to the following. I threw in some extra protections in case the client changes case on anything in the URI request:

    if { ([string tolower [HTTP::uri]] starts_with "/rpc/rpcproxy.dll") and \
(([HTTP::method] equals "RPC_IN_DATA") or ([HTTP::method] equals "RPC_OUT_DATA"))}{

    Hope that helps!! -Cory

  • KOZ_318093's avatar
    KOZ_318093
    Icon for Nimbostratus rankNimbostratus
    Oct 30, 2017

    Hello Nelgin,

     

    I have the same issue for a client. Can you please give a little more details regarding your solution? I've followed the discussion you refer as an answer but i can't figure out what you did in the VPE and your iRule to disable the APM.

     

    Rgds.