Exchange 2016 iApp - APM Configuration
Hi There,
I have been having issues with our external APM config for our new Exchange 2016 solution via the Iapp. We are running TMOS version 11.4 (Already resolved the "No tls 1.2" issue)
Owa and ECP is working but autodiscover, ews, oab, and outlook anywhere is failing with ERR_CONNECTION_RESET.
- enabled debugging logging for websso and apm services
- confirmed port 88 is open and authenticating via adtest
- confirmed the forward and reverse dns is working correctly
- connection stats show connections are made to the virtual server but not to pools for each service
I assume that we have a problem in our kerberos SSO iapp config. I'm not seeing any websso logging which is odd. Any thoughts would be helpful.
/var/log/apm
Oct 4 16:43:20 bigip1 debug tmm1[10674]: 01490000:7: Matches Autodiscover
Oct 4 16:43:20 bigip1 debug tmm1[10674]: 01490000:7: method: GET
Oct 4 16:43:20 bigip1 debug tmm1[10674]: 01490000:7: Src IP: 10.230.1.44
Oct 4 16:43:20 bigip1 debug tmm1[10674]: 01490000:7: User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 S
Oct 4 16:43:20 bigip1 debug tmm1[10674]: 01490000:7: HTTP uri: /autodiscover/autodiscover.xml
Oct 4 16:43:20 bigip1 debug tmm1[10674]: 01490000:7: HTTP len:
Oct 4 16:43:20 bigip1 debug tmm1[10674]: 01490000:7: Request Authorization: NTLM + Basic
Oct 4 16:43:20 bigip1 debug tmm[10674]: 01490000:7: Matches Autodiscover
Oct 4 16:43:20 bigip1 debug tmm[10674]: 01490000:7: method: GET
Oct 4 16:43:20 bigip1 debug tmm[10674]: 01490000:7: Src IP: 10.230.1.44
Oct 4 16:43:20 bigip1 debug tmm[10674]: 01490000:7: User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.116 Sa
Oct 4 16:43:20 bigip1 debug tmm[10674]: 01490000:7: HTTP uri: /autodiscover/autodiscover.xml
Oct 4 16:43:20 bigip1 debug tmm[10674]: 01490000:7: HTTP len:
Oct 4 16:43:20 bigip1 debug tmm[10674]: 01490000:7: Recv'd HTTP NTLM Authentication
Oct 4 16:43:20 bigip1 debug tmm[10674]: 01490000:7: Enable ECA: select_ntlm:/Common/external.webmail.company.com.app/exch_ntlm_combined_https
Oct 4 16:43:20 bigip1 notice tmm[10674]: 01490506:5: de8aa909: Received User-Agent header: Mozilla%2f5.0%20(Windows%20NT%206.1)%20AppleWebKit%2f537.36%20(KH2f53.0.2785.116%20Safari%2f537.36.
Oct 4 16:43:20 bigip1 notice tmm[10674]: 01490544:5: de8aa909: Received client info - Type: Mozilla Version: 5 Platform: Win7 CPU: unknown UI Mode: Full Javrt: 0 Plugin Support: 1
Oct 4 16:43:20 bigip1 notice tmm[10674]: 01490500:5: de8aa909: New session from client IP 10.230.1.44 (ST=/CC=/C=) at VIP 10.228.1.119 Listener /Common/exte.au.app/external.webmail.company.com_combined_https (Reputation=Unknown)
/var/log/ltm
TCL error: /Common/_sys_APM_Exchange - can't read "user_key": no such variable while executing "ACCESS::session data set "$static::__APM_ACCESS_SESS_USER_UUID" $user_key"