NimbostratusHi, I was asked to configure our F5 environment to be able to handle Exchange Hybrid (I am thinking this is apart of Office365). Does anyone have any idea on how a person can go about setting up the Exchange hybrid configuration in F5? We have already set up our ADFS using an iApp, which was fairly simple and was wondering if there was another iApp for this or do we have to do something else? Thanks for the help!
MVPno direct experience but seems doable, see for example:
Hello Joe, We have the Exchange iApp and deployment guide which will allow you to configure Exchange on-premise. Once that is setup, to allow for some specific hybrid scenarios we have a couple items in the DG as alluded to in the link boneyard posted above(free/busy, etc..). For actual client authentication using ADFS as you mentioned you can use the ADFS iApp to replace ADFS proxy(or front it if you so choose) to allow for F5 to sit in front of ADFS. We have some additional development in the works to make questions such as this clearer within the Exchange iApp itself, however Exchange hybrid should work as the traffic will just flow to/from Exhange and )365 through F5 if configured correctly.
Do you have a specific scenario that isn't working?
NimbostratusI am trying to set up the same thing using only LTM (no APM at all). I have my internal Exchange deployed using iApp ver. 1.5.0.
A mailbox in the cloud is unable to get 'free/busy' details from an on-prim mailbox. However, an on-prim mailbox is getting 'free/busy' detail from the cloud.
I have tried the solution starting on page 75 of the Deployment Guide (Exchange Hybrid Autodiscover and free/busy lookups fail when APM is deployed) with no luck.
What else am I missing here?
Hey Jacob, If you are not doing APM then BIG-IP is not getting in the way from an authentication perspective at least and that iRule you mentioned should not be necessary. I have not heard of any issues with Exchange federation with O365 when APM is not being deployed as the traffic should flow from O365 through the BIG-IP to the exchange servers just fine. Have you opened a case with Microsoft as possibly there is some misconfiguration?
One note is possibly to look at if it is a certificate issue between O365 and BIG-IP as a valid trusted CA cert is required for that communication: https://technet.microsoft.com/en-us/library/hh563848(v=exchg.150).aspx
NimbostratusThanks for the quick response, James.
No case with Microsoft yet as I am needing to fully rule out the F5 first. I am waiting on support to get back to me as well. Once I have their answer, I may be able to push for a ticket with Microsoft.
NimbostratusI am trying to set up the same thing using only LTM (no APM at all). I have my internal Exchange deployed using iApp ver. 1.5.0.
A mailbox in the cloud is unable to get 'free/busy' details from an on-prim mailbox. However, an on-prim mailbox is getting 'free/busy' detail from the cloud.
I have tried the solution starting on page 75 of the Deployment Guide (Exchange Hybrid Autodiscover and free/busy lookups fail when APM is deployed) with no luck.
What else am I missing here?
Hey Jacob, If you are not doing APM then BIG-IP is not getting in the way from an authentication perspective at least and that iRule you mentioned should not be necessary. I have not heard of any issues with Exchange federation with O365 when APM is not being deployed as the traffic should flow from O365 through the BIG-IP to the exchange servers just fine. Have you opened a case with Microsoft as possibly there is some misconfiguration?
One note is possibly to look at if it is a certificate issue between O365 and BIG-IP as a valid trusted CA cert is required for that communication: https://technet.microsoft.com/en-us/library/hh563848(v=exchg.150).aspx
NimbostratusThanks for the quick response, James.
No case with Microsoft yet as I am needing to fully rule out the F5 first. I am waiting on support to get back to me as well. Once I have their answer, I may be able to push for a ticket with Microsoft.
