We are pleased to announce that a new, supported iApp template for Microsoft Exchange Server 2010 and 2013 is now available in a bundle (that also contains all older template versions) from https://downloads.f5.com/esd/product.jsp?sw=BIG-IP&pro=big-ip_v11.x.
Currently, the link on that page indicates the iApp template bundle is version 188.8.131.52, but if you actually follow the link, you'll see that the available version is 184.108.40.206. Both the Downloads link and the Solution (http://support.f5.com/kb/en-us/solutions/public/13000/400/sol13497.html) will be updated shortly to show the new version.
Also for the moment, use the release candidate Deployment Guide at https://devcentral.f5.com/wiki/GetFile.aspx?Page=iApp.Microsoft-Exchange-2010-and-2013-iApp-Template&File=microsoft-exchange-2010-2013-iapp-dg-RC-4.pdf We will promote that Deployment Guide to the main F5 site as soon as possible, and announce on this thread when that is available from the correct location.
The remainder of this post contains the README included with the new iApp template. Please read this carefully before upgrading your existing deployments.
RELEASE NOTES -- iApp template version 1.2 for Microsoft Exchange Server 2010
and 2013 Client Access Services
IMPORTANT -- The previous date-based naming system has been replaced with
simple numerical naming to indicate version. Version 1.2.0 is an upgrade to
both the 2012_04_06 and 2012_06_08 versions of the iApp template.
A deployment guide with detailed instructions for using this iApp template and
configuring your Exchange Client Access Server environment is located at
F5 strongly recommends reading the deployment guide in addition to the following
Importing and Using the Template
Extract the template file in a location accessible by the BIG-IP system. From
the BIG-IP Configuration utility, on the Main tab, expand 'iApp' and then click
'Templates'. Click 'Import' and then click the 'Browse' button to select the
template file 'f5.microsoft_exchange_2010_2013_cas.tmpl'. Click 'Upload' to
install the template to your BIG-IP system.
IMPORTANT: F5 does not recommend reconfiguring existing application services
that were deployed with the Exchange template that shipped with BIG-IP versions
11.0-11.4.x (f5.microsoft.exchange_2010). For best results, use this template
to create a new application service that co-exists with previous deployments.
During a maintenance window, switch IP addresses between old and new applic-
ation services, or change your DNS configuration to use the new IP addresses
However, this iApp template may safely be used to upgrade application services
that have been created with iApp template versions 2012_04_06 and 2012_06_08 for
Microsoft Exchange Server 2010 Client Access Services.
IMPORTANT: If you are upgrading from a previous deployment created with iApp
template versions 2012_04_06 or 2012_06_08, elected to use F5's APM module to
secure your Client Access traffic, and are running BIG-IP version 11.2 or later,
the IP address you previously entered for your Active Directory server will not
be preserved. You will need to enter the IP address(es) and host name infor-
mation for your Active Directory servers(s) into the iApp template before your
configuration is complete.
New Features & Configuration Changes
The iApp template version 1.2 for Microsoft Exchange Server 2010 and 2013
Client Access Services contains the following significant changes from the iApp
template iApp template version 2012_06_08:
* The iApp template now fully supports Exchange Server 2013 (RTM, CU1, and CU2).
+ The template no longer configures objects for MAPI (RPC Client Access)
when Exchange Server 2013 is selected.
+ The template does not apply persistence profiles for Exchange 2013
+ The template now supports accessing the Exchange Admin Center (EAC), and
adds the ability to restrict access via group membership when using APM.
+ Simple monitors now check 'healthcheck.htm'.
+ The ActiveSync monitor has been updated to accommodate a change in
Exchange Server 2013 CU2.
* Users may show or hide inline Help.
* The HTML Help content has been removed in favor of inline configuration notes
and Deployment Guide instructions.
* Users may specify priority groups when using customized pool settings.
* Added support for Exchange Web Services (EWS) when not deploying Outlook
* Added a new EWS-specific EAV monitor.
APM-Specific New Features
* Users may specify a pool of AD servers rather than just one when using APM on
BIG-IP version 11.2 or later.
* Added monitoring options for the AAA Active Directory pool.
* Client-side NTLM support is included for BIG-IP version 11.3 and higher.
* Converted APM Forms-based SSO objects to v2 (Forms - Client Initiated).
* Added support for F5's new Exchange profile on BIG-IP 11.4 and later, substi-
tuting for system iRules.
Fixes and Miscellaneous Changes
* User input for monitor timeout is now applied to EAV monitors.
* Removed redirect iRule when unencrypted client connection is selected.
* Removed "owa/" URI modification field from template since it was unused.
* When selecting different IP addresses for each service, the Monitoring section
now automatically provides a separate text field for each service FQDN.
* Excluded uglobal.js and owa.ev from caching profiles, and removed
'Accept-Encoding' header, to prevent client hanging.
* APM sessions are now terminated after a user logs out of OWA.
* When switching from a specific certificate and key back to a default certif-
icate and key, the clientssl profile now accepts the change.
* Pools are now configured to 'Reject' as Action on Service Down (changed from
* SNAT pool arrays are now uniquely named, so they are not overwritten by sub-
sequent iApp instances.
* Removed a trailing slash from HTTP::uri command in owa append iRule to force
CAS servers to send a redirect to "/owa/"; previously, users navigating back
to "/" over HTTP would not get redirected correctly.
* Added system ActiveSync APM iRule when a separate ActiveSync virtual server
* Fixed an incorrect combined iRule pool assignment for EWS and OAB traffic in
* Made corrections to Autodiscover EAV monitor script.
* Added IPv6 support to EAV monitor scripts.
* Added a fix for a session cookie persistence bug.