F5 activesync issue with Windows 8 phones

Question

Hi,&nbsp;
Hoping somebody can give guidance on this particular issue where we have rolled out F5 deployment for ActiveSync and Exchange services.
This issue only appears for Windows 8 or Windows phones in general where it continuely prompts for password input after a reboot or simply if there is a drop in mobile network and comes back then the password is required.&nbsp;
Is there something we can do in the F5 config, or where should I be looking to remedy this issue.&nbsp;
Works well for other handsets including IOS and android, no issues.&nbsp;
Hope there is solution to resolve this as we have quite a huge windows phone user population whether it be a simple tweak with the F5 or tweak with exchange.&nbsp;
We use simple basic http authentication, i thought maybe its do with session persistence or session handling for non browser clients perhaps ?&nbsp;
Kind help is much appreciated.&nbsp;

kunjan · Answer

You can enable debug for accesscontrol APM and see in the logs where it is failing. Activesync uses iRules. So I guess need to take look at that as well and the logs in the /var/log/ltm&nbsp;

mikeshimkus_111 · Answer

Hi Kris, can you provide some more info:&nbsp;
1) Which version of BIG-IP, Exchange and Windows Server are you using?&nbsp;
2) If you are using BIG-IP v11 or later, did you use the iApp to deploy and if so, which version of the iApp template are you using?  If not, did you use the latest version of the Exchange deployment guide?&nbsp;
3) Are you using APM or AVR/Analytics?&nbsp;
4) Do you still get the auth prompts if you bypass the BIG-IP and connect directly to the Client Access server?&nbsp;
thanks&nbsp;
Mike&nbsp;

kris_01_158159 · Answer

Hi Mike,

BIG-IP VE - 11.5.0
Exchange 2010
Windows Server 2008 R2
Yes we used a custom iApp to deploy " f5.microsoft_exchange_2010_cas.2012_06_08".
We are using APM.
4 question is tricky to test, i cannot verify that.
But if we click cancel and synchronize on the windows phones, it remembers the password and works ok , which is odd.

As i said, its no issues with Android or IOS, just main issue is with windows phones when reboot or out of reach with mobile network.

Thanks Mike

mikeshimkus_111 · Answer

We recommend upgrading to v1.3.0 of the iApp.  It's available at downloads.f5.com.  &nbsp;
If you still have the issue after deploying with the latest iApp, you should set the APM access and SSO logs to debug in the System menu and tail /var/log/apm while a Windows 8 phone client tries to connect.  If you post the output here I can have a look.&nbsp;

kris_01_158159 · Answer

Hi Mike,&nbsp;
Performed some captures of the apm and sso logs (these were both enabled in system/config/options) and ran some tail queries as suggested.&nbsp;
See below output on gist for the username "domainuser"&nbsp;
https://gist.github.com/anonymous/b18dcd0195bae355ce32&nbsp;

Forum Discussion

F5 activesync issue with Windows 8 phones

8 Replies

Recent Discussions

Maximum throughput of f5 ltm

Issue on license renewal

iRule cookie persistence and pool redirect

redirect not working

Access azure app service using f5 LTM

Related Content

Bait Phone

F5 BIG-IP Access Policy Manager (APM) Machine Tunnels for Windows

Windows File Share via F5 VIP

Nginx vs Windows

Windows edge client - Trusted Sites