Forum Discussion
Lucas_Thompson_
Jan 27, 2016Historic F5 Account
EV likely resides on a separate server, based on prior support cases. However, the specific configuration can vary significantly by site.
You'll have to begin by capturing the client traffic and try to figure out specifically isn't being handled the way you want. APM is simply a proxy and can be configured any way you like, but you have to define exactly how you want it to behave.
Suggest probably packet-capture TMG behavior first (on both sides of the device), then APM's behavior (on both sides of the device). Compare the two behaviors and we can provide suggestions of how to make APM do whatever TMG is doing.
- Shihab_Hamsa_23Jan 28, 2016NimbostratusThank you for the input Lucas, what I have seen is that, in TMG they are configured to accept Form Based Authentication from the client and delegate Basic authentication to Backend servers. Now the backend servers both CAS and EV are configured on both Basic and Integrated authentication. This is not happening with F5. As when I configure the authentication to be form based, first case is that, my clients from external network is being prompted for user credentials multiple times for OWA before they could actually get the inbox. It seems that the Form based authentication is not working as it was expected for the SSO. But when the EV is accessed over outlook, things seems like, its getting negotiated with NTLM and not basic. How can we set the basic authentication delegation from form based to the backend ?